Compliance Manager
Lucid Software · Salt Lake City, UT · 5 days ago
LegalFull-time
Responsibilities
- Develop deep expertise in our products and technology stack to better understand data storage, user workflows, and internal processes.
- Own execution of core SaaS compliance programs including data mapping, privacy assessments, AB/AC policy implementation, global sanctions compliance, data retention policies and vendor risk management.
- Proactively update and maintain compliance documentation with attention to detail.
- Deploy and maintain tools to track compliance related OKRs and measure and optimize the effectiveness of compliance programs and training initiatives.
- Monitor, analyze and report on evolving global laws and regulations affecting the SaaS space, maintaining a specific focus on U.S. and EU developments.
- Manage controls for internal and customer-facing artificial intelligence systems in alignment with emerging standards (e.g., EU AI Act risk classifications, ISO42001).
- Partner directly with teams across Lucid to help them navigate regulatory considerations and implement controls related to products, vendors and business operations.
- Design and deliver engaging, role-specific compliance training programs and compliance awareness campaigns to ensure Lucidites understand their role in corporate compliance and the importance of it.
Requirements
- Bachelor’s degree in technology, legal, regulatory or a related discipline.
- 5+ years of experience in privacy or compliance management within a B2B SaaS or cloud-native environment, heavily regulated industry or at a law firm or government agency.
- Strong operational understanding of global data protection laws (such as GDPR and CCPA), emerging AI laws, traditional consumer protection frameworks, and the willingness to learn other global regulatory frameworks applicable to SaaS.
- Demonstrated capability to work cross-functionally understanding the priorities of the business as a whole and of each department to thoughtfully implement compliance policies and procedures.
- Outstanding verbal and written communication skills with a demonstrated ability to translate complex legal and regulatory frameworks into plain-language questions, tasks and explanations for all departments at Lucid.
- Exceptional analytical skills to proactively spot control gaps, policy violations, and prioritize remediation paths.
- A highly responsive and self-motivated professional with a genuine curiosity for technology, a rapid learning curve, and a proven ability to take immediate initiative, prioritize multiple urgent tasks, and provide suggestions when navigating complex, ambiguous situations.
- A strong foundational understanding of how modern cloud software is built, how SaaS companies operate and how to navigate regulatory requirements around business realities.
Preferred Qualifications
- Holding one or more relevant industry designations such as CIPP (Certified Information Privacy Professional), CISA (Certified Information Systems Auditor), or CRISC (Certified in Risk and Information Systems Control).
- Direct experience implementing and managing automated compliance platforms (particularly OneTrust and Osano) and other common SaaS tools such as Jira, CSI, SFDC and Zendesk.
- Practical exposure to evaluating the transparency, explainability, and bias risks of machine learning models or automated decision-making software in order to issue spot and provide advice to employees and teams implementing internal and customer facing AI initiatives.
- Proven track record of designing, building, and scaling core privacy workflows (e.g. data mapping and DSR intake systems) with a strong passion for turning complex regulatory requirements into highly efficient, repeatable processes.