Compliance Program Manager
About the role
OpenFX is on a mission to move money as freely as data, unrestricted by time zones, banking hours, or legacy systems. We are building the infrastructure that will power the next generation of cross-border payment systems for institutions. The team's execution has been exceptional, and we're scaling at a remarkable pace. Our stellar early team comes with experience in companies like J.P. Morgan, Goldman Sachs, FalconX, Paypal, Affirm, Polygon, Kraken, Nium & others. We're backed by Accel, Faction, NfX, Accomplice, and other top-tier investors.

Role Overview

OpenFX is expanding globally in a heavily regulated financial environment. As we scale into new regions, regulators, auditors, and enterprise partners expect provable, continuously operating security controls. We need someone who can turn regulatory requirements into real, running controls, and then prove to auditors that they work. You will own the security controls and evidence that regulators and auditors care about, end to end, ensuring compliance is built into the platform rather than bolted on after the fact.
Responsibilities
- Design, implement, and maintain technical and operational controls for SOC 2, ISO 27001, GDPR, DORA, and future regional requirements
- Ensure controls are not just documented, but actually enforced in AWS, Kubernetes, and application layers
- Translate regulatory language into concrete security mechanisms in partnership with Legal and Compliance
- Own audit preparation, evidence collection, walkthroughs, and remediation tracking
- Build repeatable, automated evidence pipelines instead of last-minute scrambles
- Work with engineering to design systems that are secure by default and defensible to regulators
- Ensure logging, access controls, encryption, monitoring, and change management meet regulatory expectations
- Build tooling and scripts to continuously validate controls (access reviews, logging coverage, config drift)
- Reduce manual compliance work over time by pushing checks into code and infrastructure
- Monitor new regulations and assess technical impact across the platform
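The responsibilities above ask for scripts that continuously validate controls (access reviews, logging coverage) and produce repeatable evidence rather than last-minute screenshots. The following is an added illustration of that pattern and is not OpenFX's code or tooling: it evaluates a constructed sample shaped like an IAM credential report and a constructed list shaped like CloudTrail's DescribeTrails output, applies assumed thresholds (90-day key rotation and dormancy), and emits a machine-readable evidence record. The control IDs, thresholds and sample principals are all assumptions chosen for the example; in production the inputs would come from the live AWS APIs.

```python
"""Continuous control checks over constructed AWS-shaped inputs.

Added example, not OpenFX's code. The sample rows mimic the CSV columns of
an IAM credential report and the dict shape of CloudTrail DescribeTrails;
the thresholds (90 days) and control IDs are assumptions chosen for the
example, not drawn from any specific framework clause.
"""
import csv
import io
from datetime import datetime, timedelta, timezone

NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed clock so the evidence is reproducible
MAX_KEY_AGE = timedelta(days=90)                  # assumed rotation policy
MAX_IDLE = timedelta(days=90)                     # assumed dormancy threshold

# Constructed sample: a subset of IAM credential report columns.
CREDENTIAL_REPORT = """user,password_enabled,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date
alice,true,true,true,2024-05-01T00:00:00+00:00,2024-05-30T00:00:00+00:00
bob,true,false,false,N/A,N/A
svc-deploy,false,false,true,2023-12-01T00:00:00+00:00,2024-05-31T00:00:00+00:00
carol,true,true,true,2024-04-15T00:00:00+00:00,2024-01-01T00:00:00+00:00
"""

# Constructed sample shaped like CloudTrail DescribeTrails()["trailList"].
TRAILS = [
    {"Name": "org-trail", "IsMultiRegionTrail": False, "LogFileValidationEnabled": True},
]


def _parse(ts):
    """Credential reports use N/A / no_information for absent timestamps."""
    return None if ts in ("N/A", "no_information") else datetime.fromisoformat(ts)


def review_access(report_csv, now=NOW):
    """Return findings (control_id, principal, detail) from a credential report."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        # Console users must have MFA; service users without passwords are exempt.
        if row["password_enabled"] == "true" and row["mfa_active"] != "true":
            findings.append(("AC-MFA", user, "console access without MFA"))
        if row["access_key_1_active"] == "true":
            rotated = _parse(row["access_key_1_last_rotated"])
            if rotated and now - rotated > MAX_KEY_AGE:
                findings.append(("AC-KEYROT", user, f"access key age {(now - rotated).days}d"))
            used = _parse(row["access_key_1_last_used_date"])
            if used and now - used > MAX_IDLE:
                findings.append(("AC-DORMANT", user, f"key unused for {(now - used).days}d"))
    return findings


def check_logging(trails):
    """Return findings for CloudTrail coverage and integrity gaps."""
    findings = []
    # Coverage: at least one trail must record every region.
    if not any(t["IsMultiRegionTrail"] for t in trails):
        findings.append(("LOG-COVERAGE", "account", "no multi-region trail"))
    # Integrity: digest files let an auditor verify logs were not altered.
    for t in trails:
        if not t.get("LogFileValidationEnabled"):
            findings.append(("LOG-INTEGRITY", t["Name"], "log file validation disabled"))
    return findings


def evidence_bundle(report_csv=CREDENTIAL_REPORT, trails=TRAILS, now=NOW):
    """Machine-readable evidence record: timestamp, checks run, findings, verdict."""
    findings = review_access(report_csv, now) + check_logging(trails)
    return {
        "evaluated_at": now.isoformat(),
        "controls_checked": ["AC-MFA", "AC-KEYROT", "AC-DORMANT", "LOG-COVERAGE", "LOG-INTEGRITY"],
        "findings": findings,
        "passed": not findings,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(evidence_bundle(), indent=2))
```

Run on a schedule and stored with its timestamp, the JSON record is the evidence an auditor walks through: which controls were tested, when, against what, and what failed. Keeping the clock and thresholds as explicit parameters is what makes the check repeatable, since the same inputs always yield the same verdict.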
Requirements
- Required
- 6+ years in security engineering, cloud security, or compliance-focused security roles
- Hands-on experience supporting SOC 2, ISO 27001, GDPR, DORA, or similar regulatory frameworks
- Ability to translate regulatory requirements into technical controls
- Strong working knowledge of AWS security fundamentals (IAM, logging, encryption, networking)
- Comfortable owning auditor interactions and explaining systems clearly
- Experience building or automating security/compliance processes (Python, Bash, Go, etc.)
- Preferred
- Experience securing Kubernetes environments
- Familiarity with AppSec tooling (SAST/DAST, manual testing)
- Experience with AWS security services (GuardDuty, Config, Security Hub)
- Prior work in fintech, payments, or regulated infrastructure
- Security or compliance certifications (CISSP, CISA, ISO 27001 Lead Implementer, AWS Security)