Chief Compliance Officer jobs

• Lead and evolve Unity’s technology compliance program, overseeing the design, implementation, and continuous improvement of controls across SOX, PCI DSS, WCAG, and other regulatory frameworks.
• Manage end-to-end audit and assurance activities, serving as the primary liaison for internal and external auditors and ensuring timely delivery of evidence, remediation, and reporting.
• Develop and maintain compliance strategy and governance, aligning technology controls, policies, and procedures with business objectives and risk tolerance.
• Embed compliance into technology operations, partnering with IT, Security, Engineering, and Legal to ensure compliance-by-design in systems and processes.
• Drive continuous control monitoring and risk mitigation, proactively identifying and addressing control gaps and audit findings.
• Champion automation and process improvements to enhance control efficiency, reduce manual effort, and strengthen audit readiness.

• Extensive leadership experience in technology risk, audit, or compliance.
• Deep knowledge of SOX ITGCs, PCI DSS, WCAG/ADA, and related compliance mandates; experience with GDPR and SOC2 a plus.
• Strong understanding of IT control frameworks such as COBIT, NIST CSF, and their application to regulatory programs.
• Proven success leading large-scale audits and remediation efforts with both internal and external stakeholders.
• Excellent ability to translate complex compliance concepts for technical and executive audiences; skilled at cross-functional collaboration.
• Ability to identify control gaps, assess risk, and design practical, effective remediation strategies.

• Professional certifications such as CISA, CISSP, CRISC, PMP, or equivalent.
• Experience in a Big 4 or large-scale enterprise environment managing technology compliance programs.

• Relocation support is not available for this position
• Work visa/immigration sponsorship is not available for this position

This position requires the incumbent to have a sufficient knowledge of English to have professional verbal and written exchanges in this language since the performance of the duties related to this position requires frequent and regular communication with colleagues and partners located worldwide and whose common language is English.

What you’ll be doing:

• Be the Authentic Voice of the Merchant: Serve as Forter’s chief ambassador and thought leader in the commerce community. Participate in market events, including conferences, trade shows, and regional activations, as a credible, respected peer to our customers and prospects.
• Influence and Educate the Market: Play a critical role in delivering thought leadership and education to target audiences and the market at large in partnership with the VP of Growth and VP of Market Strategy.
• Cultivate C-Suite Relationships: Leverage your network and expertise to open doors and build trusted relationships with C-suite executives and senior leaders within our customer and prospect organizations.
• Build a Thriving Customer Community: Architect and lead our market community development strategy, creating forums and programs that foster engagement, knowledge-sharing, and loyalty among our customer base.
• Drive Our Referral and Reference Engine: Partner with your team to identify and nurture reference-ready customers, and build a scalable program that generates a significant volume of high-quality, referral-based pipeline.
• Lead the Customer Advocacy & Engagement Team: Manage and mentor the Senior Director of Customer Advocacy and Engagement, guiding the team's execution of world-class Voice of the Customer (VoC) and advocacy programs.
• Partner to Accelerate Growth:
  • Collaborate with the VP of Growth to strategically infuse the customer voice into demand generation, growth, and partner marketing activations.
  • Work alongside the VP of Market Strategy to bring powerful customer stories and proof points into our product marketing, PR initiatives, and brand campaigns.
  • Serve as an essential partner to the Sales organization , helping to integrate customers and the merchant perspective directly into our sales motion to build credibility and accelerate deals.
• Champion the Merchant Perspective Internally: Partner with the VP of Market Strategy to bring critical "outside-in" thinking to our Product and Engineering teams, ensuring they understand the buyer perspective and are building solutions that create unique value for merchants.

What you’ll need:

• 15+ years of senior leadership experience working directly for an enterprise apparel, accessories, beauty, or retail organization in a digital, e-commerce, or product leadership role.
• No prior SaaS or enterprise software experience is required
• Active engagement in commerce and retail industry communities and networks
• A natural connector and storyteller with executive presence and public speaking skills.
• A commercially-minded leader who understands how to translate customer relationships and community engagement into measurable business outcomes, specifically pipeline and revenue.
• Proven ability to operate strategically and cross-functionally in a fast-paced environment.
• A passion for mentoring and leading teams, fostering a culture of excellence and customer-centricity.

Trust is backed by data – Forter is a recipient of over 10 workplace and innovation awards, including:

• Great Place to Work Certification (2021, 2022, 2023)
• Fortune’s Best Workplaces in NYC (2022, 2023 and )
• Forbes Cloud 100 (2021, 2022, 2023 and )
• #3 on of “Most Innovative Finance Companies” (2022)
• Anti-Fraud Solution of the Year at the Payments Awards (2024)
• SAP Pinnacle Awards “ ” (2023)
• Fintech Breakthrough Awards – Best Fraud Prevention Platform (2023)

Benefits:

• Competitive salary
• Restricted Stock Units (RSUs)
• Matching 401K Plan
• Comprehensive and generous health insurance, including vision and dental coverage
• Home office allowance
• Generous PTO policy
• Half day Fridays

Salary Range:+ bonus + equity + benefits

Governance, Risk & Compliance

• Develop, implement, and maintain an enterprise-wide information security strategy and governance framework aligned with organizational goals.
• Establish and maintain information security policies, standards, and procedures that support business continuity and risk management. This includes continuing to build and enhance governance, privacy, and security frameworks to encompass AI/ML workloads and data pipelines, ensuring responsible, compliant, and secure adoption of AI technologies across the enterprise.
• Oversee enterprise-wide security risk management, including assessments, and mitigation plans.
• Ensure compliance with relevant information security frameworks and standards including but not limited to SOC 2, HIPAA, PCI DSS, ISO.
• Collaborate with Legal and Compliance on evolving data privacy regulations (GDPR, CCPA, etc.) and integrate privacy by design across systems and products.

Security Operations

• Direct day-to-day security operations, including monitoring, detection, and response to threats.
• Lead security incident response planning and execution, acting as the senior point of escalation during security incidents.
• Serve as the primary advisor to the executive team and Board on cybersecurity strategy, risk posture, and incident readiness.
• Drive the identification and remediation of security vulnerabilities within defined SLAs.
• Manage key performance metrics for security maturity, leveraging automation, analytics, and AI to drive continuous improvement across detection, response, and compliance.
• Review, refine and mature existing security processes and tools, including but not limited to SIEM, DLP, vulnerability management, email security, end point security, penetration testing, threat hunting, threat analysis, security monitoring, and security incident response.
• Oversee business continuity and disaster recovery planning, ensuring resilience across cloud and data center operations.

Product Security

• Perform security software architecture review and integrate threat modeling and abuse cases into the SDLC; Advise and implement secure software architecture patterns.
• Assess and architect security for SaaS/Cloud applications across AWS, GCP and Azure.
• Drive the development and implementation of standard security review processes across the company that result in effective methods for reducing security risks before product releases.
• Integrate application security tools within existing development, build, and deployment processes.
• Oversee the execution of dynamic & static code scan reviews and run-time tests.
• Own and manage the bug bounty program.
• Assist with the planning and execution of application penetration tests.
• Interface and collaborate with Engineering, Cloud, and SOC teams during security incidents.
• Work with customers as needed, to explain or enhance any security policies or product related engineering.
• Drive the remediation of security vulnerabilities in the products within defined SLAs.
• Assist in completing RFP security questionnaires

Qualifications:

• 15+ years of progressive experience in information security, risk management, or IT leadership, including at least 5 years in a senior security leadership role.
• Proven track record leading enterprise-wide cybersecurity strategy and operations in a global, cloud-first technology company.
• Solid understanding of secure coding principles (e.g., OWASP Top10, OWASP SAMM) and Agile software development practices.
• Demonstrated experience with security in public cloud platforms (AWS, Azure, GCP), CNAPP (Sysdig, Wiz, etc), SAST, DAST, SCA, Networking (Firewalls, Switches, Access Points, etc.), Operating Systems (Linux, Mac, Windows), Secure Software Development, IAM, Key Management, Encryption, SIEM (Splunk, Rapid 7, Alienvault, etc.), DLP (Netskope, Checkpoint, Proofpoint, Symantec, etc), Email Security (Abnormal Security, Mimecast, etc.), and Endpoint Security (SentinelOne, CrowdStrike, etc.)
• Strong background in application and product security, including secure software design, code analysis, penetration testing, and bug bounty management.
• Must have strong collaborative skills, a growth mindset, and a willingness to make tomorrow better than today.
• Industry Certifications such as CISSP, CISM, CCISO are preferred
• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.