Knot API
Security Compliance Lead
Knot API, New York, New York, us, 10261
About Knot
Knot’s mission is to empower consumers and businesses alike with connected merchant and banking experiences. Knot is like “Plaid for merchant connectivity.” We are building the platform connecting merchants to the many applications that consumers and businesses interact with every day. Our flagship product allows consumers to instantly update & manage their cards on file with online merchant accounts (e.g. Netflix or PayPal). We are building many new products on top of our novel merchant connectivity platform and we hope you choose to come build them with us!
Knot was founded in 2021 by two brothers, Rory and Kieran O’Reilly, and today powers connected online payment experiences for hundreds of thousands of consumers. Companies like American Express, Current, BILT, Step, and more choose to embed Knot’s SDK in their apps to power best-in-class experiences for their customers.
Knot is proudly backed by a select group of investors, including Nava Ventures, 8VC, American Express, Plaid, and co-founders & CEOs of prominent companies like Twitter, Warby Parker, Allbirds, Casper, Intercom, Deel, Italic, DraftKings, and many more, along with Lydia Jett of SoftBank Group.
Working at Knot
We’re a world-class team hailing from all over the globe with the vast majority of the company in engineering roles. We are looking to further solidify our presence in NYC to be at the heart of the financial services ecosystem.
Our team is relentlessly focused on building for our customers and every member of the financial services ecosystem. We take our work seriously and have fun while doing it. Both are equally important.
What you’ll do
This role is a hybrid between technical (70%) and business (30%) compliance, reporting to Knot’s CTO.
Oversee and manage all compliance-related activities across both technical and business compliance, including SOC2, PCI, ISO, and other relevant standards.
Engage in the sales cycle by contributing to Knot’s adherence to the third-party risk management (TPRM) processes of major prospective customers (e.g. financial institutions).
Coordinate and lead external audits, such as pen tests and SOC2, ensuring all documentation & processes are in place and up-to-date.
Partner with engineering teams to implement internal compliance processes (e.g. Data Loss Prevention, Patch Management, etc.) and conduct internal audits of key systems, such as Google Cloud Platform (GCP).
Implement and manage internal compliance processes, ensuring all teams adhere to set guidelines and standards.
Conduct thorough due diligence for new clients and vendors, ensuring they meet predetermined compliance standards.
Own Knot’s use of Drata as a platform to ensure all compliance policies and processes are updated & maintained.
Remain up to date with the latest compliance standards and best practices, recommending constant improvements to current processes.
Collaborate closely with every function at Knot, including both of Knot’s cofounders.
What you’ll need to get the job done
5+ years of relevant experience in technical, security, and/or financial compliance and ability to singularly lead compliance initiatives.
Familiarity and hands-on experience working with SOC2, PCI-DSS, and/or ISO standards.
Proven experience working at a startup or a strong, demonstrable desire to work in a startup environment.
Familiarity with Drata or similar compliance management platforms.
Ability to remain exceptionally organized.
Ability to multitask and maintain a high level of performance under tight timelines.
High attention to detail, pride in your work quality, and emphasis on always being a truth-seeker.
Low ego and a hunger to get involved in more than one area.
CISM or CISSP certification is a major plus.
What we offer
Interesting and challenging work
Competitive base salary + generous early employee equity + benefits
100% medical, dental, and vision insurance coverage for you and your dependents (U.S.)
Unlimited PTO
Parental leave
Beautiful NYC office in the heart of Flatiron