Compliance and Privacy Officer

About Toku

Toku is a prominent provider of compliance infrastructure for crypto companies. Our focus is on empowering these companies to pay their employees using tokens and stablecoins while adhering to various tax laws at state, federal, and international levels. With a client base that includes a significant percentage of crypto companies listed on Robinhood, Toku is experiencing rapid growth.

Backed by a substantial investment totaling $26 million from reputable investors such as Blockchain Capital and Naval Ravikant, Toku is swiftly expanding to meet the increasing demand for compliance solutions within the dynamic regulatory landscape.

As Toku's Compliance and Privacy Officer, you will play a pivotal role in leading privacy and security programs to ensure compliance with regulatory standards like GDPR, SOC2, and ISO 27001. This essential position calls for a blend of technical proficiency and strategic direction, crucial in shaping the compliance landscape in the ever-evolving crypto industry.

What You Will Do

• Supervise Privacy and Compliance Frameworks:

• Oversee GDPR compliance practices and drive certification efforts with TrustArc/eTrust.

• Design and execute privacy and security programs that align with regulatory frameworks such as SOC2, GDPR, and ISO 27001.

• Lead collaborative initiatives across teams related to security and privacy programs.

• Serve as the primary contact for privacy-related inquiries and audits.

• Manage Security Protocols:

• Establish and implement security protocols to safeguard data integrity and protection.

• Conduct system security audits and perform penetration testing.

• Define access control measures, encryption standards, and secure data transfer protocols.

• Technical Leadership:

• Lead vulnerability assessments and develop remediation strategies.

• Collaborate with engineering teams to incorporate privacy-by-design and security-by-design principles.

• Develop Training Programs:

• Introduce company-wide initiatives for privacy and security training.

• Stay abreast of evolving regulations and security threats, adjusting strategies accordingly.

What We're Seeking

• Bachelor’s or Master’s degree.
• 4-8 years of experience driving security/privacy engineering initiatives in a fintech SaaS or HRIS/payroll platform.
• Proven track record managing implementations of GDPR, SOC2, or ISO 27001.
• Strong knowledge of encryption, authentication, and network security.
• Familiarity with compliance management platforms like TrustArc or Drata.
• Exceptional written and verbal communication skills to communicate complex ideas effectively across diverse audiences.

Preferred Certifications

• Certified Information Systems Security Professional (CISSP).
• Certified Information Privacy Professional (CIPP/E, CIPP/US).
• ISO 27001 Lead Implementer certification.

What You'll Love About Working at Toku

• Influence the future of the crypto compliance sector amid a critical regulatory period.
• Collaborate with innovative clients and prominent industry-leading investors.
• Contribute to a rapidly growing startup with a robust product-market fit.
• Enjoy competitive compensation, equity opportunities, and a work culture that supports remote work.

Toku is an equal opportunity employer, dedicated to fostering a diverse team that encompasses a broad range of backgrounds, thoughts, and experiences. We uphold a commitment to non-discrimination based on various characteristics. Individual from all backgrounds are encouraged to apply.

We recommend utilizing Rezi.ai to assess resume quality before submitting an application.