Compliance Specialist

About Hightouch

Hightouch’s mission is to empower everyone to take action on their data.  We’ve pioneered the Composable Customer Data Platform (CDP), which helps companies use their own data warehouse to collect, prepare, and activate customer data for marketing personalization and business operations. Traditionally, acting on data has required engineering time and bandwidth, and left most business users stuck with charts and reports that are unable to take automated action on their data. With Hightouch, every business user, without writing any code, can activate data to streamline critical processes, improve marketing performance, and scale operations.

Our team operates with a focus on making a meaningful impact for our customers. We believe in approaching challenges with a first principles thinking mindset, moving quickly and embracing our value of efficient execution, and treating each other with compassion and kindness. We look for team members that are strong communicators, have a growth mindset, and are motivated and persistent in achieving our goals.

Hundreds of companies use Hightouch, including Spotify, Ramp, Retool, NBA, Plaid, and Betterment. We’re based in San Francisco, are remote-friendly, and backed by leading investors such as Amplify Partners, ICONIQ Growth, Bain Capital Ventures, Y-Combinator, and Afore Capital.

About The Role

We are seeking a detail-oriented Compliance Specialist to join Hightouch as our first dedicated compliance operations hire. This role will report directly to our Senior Counsel and will be instrumental in maintaining and improving our compliance infrastructure across multiple regulatory frameworks. The ideal candidate will bring foundational compliance experience and a strong understanding of privacy and security standards.

What You'll Do

• Manage employee onboarding and offboarding processes within Hightouch’s compliance platforms 
• Oversee implementation and enforcement of mobile device management (MDM) policies 
• Process and monitor access requests across various systems and applications 
• Maintain data subject request (DSR) software and workflow processes 
• Manage cross-functional third-party risk assessment questionnaire responses 
• Conduct preliminary vendor security assessments and maintain compliance documentation 
• Assist in maintaining ISO 27001 and SOC 2 compliance programs 
• Collaborate regularly with IT, IS, Engineering, Legal, and HR teams to ensure continued compliance with applicable laws

What We're Looking For

• Bachelor's degree or comparable experience.
• 1-3 years of experience in compliance, privacy, or risk management roles. 
• Working knowledge of GDPR, HIPAA, and other similar privacy regulations.
• Familiarity with ISO 27001 and SOC 2 frameworks and requirements.
• Strong attention to detail and organizational skills.
• Excellent written and verbal communication abilities.  
• Ability to work independently and manage multiple priorities. 

Bonus If You Have

• CIPP or similar certification 
• Experience with compliance management platforms like Vanta
• Previous experience in a fast-growing technology environment 
• A track record of managing the goals of multiple stakeholders  
  The salary range for this position is $110,000 - $130,000 per year,
  which is location independent in accordance with our remote-first policy. We also offer
  meaningful equity compensation in the form of ISO options, and offer early exercise and a 10
  year post-termination exercise window.