Senior Compliance Engineer
TRM is on a mission to build a safer financial system for billions of people. We deliver a blockchain intelligence data platform to financial institutions, crypto companies, and governments to fight cryptocurrency fraud and financial crime. We consider our business — and our profit — as a way to move towards our mission sustainably and at scale.
Team Summary
- The Security Team is responsible for and committed to securing all things at TRM. From our customers to our code, and everything in between, the security team is involved in all aspects of the business.
Job Summary:
- We are looking for a Senior Compliance Engineer to own TRM’s compliance and GRC initiatives that ensure we continue to deliver best-in-class security and trust for our customers.
The impact you will have here:
- Develop scalable and sustainable processes and tools for normalized controls, collecting audit evidence, monitoring controls, and conducting gap analyses.
- Manage TRM’s existing security compliance and certification lifecycle (e.g., SOC 2 Type II) while planning for and prioritizing future compliance needs.
- Develop a compliance program to achieve FedRAMP certification.
- Manage customer due diligence requests including developing and maintaining security collateral for customers (e.g., SIG, CAIQ).
- Conduct enterprise risk assessments and manage the risk registry.
- Develop a vendor risk management program.
- Identify areas for improvement based on input from customers, the go-to-market teams, and overall business objectives. Anticipate customer needs with respect to compliance and due diligence.
What we’re looking for:
- Develop automation to programmatically implement controls validations and evidence collections. Experience with Python or other programming and scripting languages is required.
- Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs.
- Strong understanding of Public Sector compliance security standards including NIST 800-53, SOC 2, CMMC, ISO, CyberEssentials UK, and other common compliance frameworks.
- Experience with leading a cloud-first SaaS company through the FedRAMP Moderate certification process.
- Strong focus on normalizing controls across frameworks and standards, with an eye toward improving maturity, scalability, and consistency over time, while looking beyond just “checking the box”.
- Privacy and GDPR experience is a plus.
- Security certifications (e.g., CISSP, CISM) are a plus.
TRM's culture is shaped by how we make decisions, how we execute, and how we treat each other
- Impact-Oriented Trailblazer: We put customers first, driving for speed, focus, and adaptability.
- Master Craftsperson: We prioritize speed, high standards, and distributed ownership.
- Inspiring Colleague: We value humility, candor, and a one-team mindset.
Build a Career
Joining TRM means being part of a mission-driven team comprised of industry leaders.
At TRM, you'll experience:
- Purpose: Have a real-world impact, from disrupting terrorist networks to returning stolen funds.
- Growth: Professional advancement opportunities through clearly defined career pathways and biannual performance reviews.
- Ownership: Take pride in your work. Have a large breadth and scope of contributions and impact.
Work Environment
- Remote First: Our headquarters is online but we highly value in-person interactions, organizing regular meetups and offsites for team building.
- Async Communication: Clear communication is key in our decentralized setup. We use tools such as Slack, Notion, and Loom, to promote transparency and efficiency.
- High Ownership: Small teams drive big goals at TRM with ownership, responsibility, and a direct impact. There's no strict clocking in or out. Team members are trusted to balance personal schedules with team needs.
- TRM Speed: We move “surprisingly fast” while maintaining a high bar in service of our customers and mission. This can feel both intense and rewarding. Our unique approach emphasizes quick wins, rapid iterations, and constant feedback.
- Diversity and Inclusion: Diversity at TRM encompasses backgrounds, experiences, and perspectives. Every day is an opportunity to learn from a colleague, whether they're a law enforcement expert or a tech pioneer.
- Annual Company Offsite: Once a year, TRMers come together from around the world to attend a 1-week mandatory company offsite. This is designed to foster in-person relationships, creativity, and strategic alignment. Employee attendance is required of all TRMers.
Benefits and Perks
At TRM, we know that supporting our team members can take many forms. Our goal is to enable you to care for yourself, your family, and your community with a diverse and curated benefits package for full-time employees.
- Remote-first work environment
- Competitive salaries and stock options
- Premium health, dental, and vision insurance
- FSA, HSA, and 401K programs
- Life & disability coverage
- Generous paid time for vacation, holidays, and parental leave
- Fertility, professional coaching, and mental health resources
Join Us
We are looking for team members who love building from the ground up and want to work hard in a fast-paced and ambitious environment. We are remote-first, with exceptionally talented team members located around the world. If you like solving tough problems quickly and seeing your work improve the lives of billions of people, we want you at TRM.
We encourage you to reach out even if your experience doesn't precisely match the job description. Don't worry about picking exactly the right job; we can always explore other options after starting the conversation. Your passion and interests will set you apart, especially if your background or career is unconventional.