Regulatory & Security Compliance Manager
About The Company
Rain makes the next generation of payments possible across the globe. We’re a lean and mighty team of passionate builders and veteran founders. Our infrastructure makes stablecoins usable in the real-world by powering card transactions, cross-border payments, B2B purchases, remittances, and more. We partner with fintechs, neobanks, and institutions to help them launch solutions that are global, inclusive, and efficient. You will have the opportunity to deliver massive impact at a hypergrowth company that is funded by some of the top investors in fintech, crypto, and SaaS, including Sapphire Ventures, Norwest, Galaxy Ventures, Lightspeed, Khosla, and several more. If you’re curious, bold, and excited to help shape a borderless financial future, we’d love to talk.
Ethos
We believe in an open and flat structure. You will be able to grow into the role that most aligns with your goals. Our team members at all levels have the freedom to explore ideas and impact the roadmap and vision of our company.
What you'll do
- Own Rain’s compliance program across DORA, SOC 2, SOC 1, GDPR, and PCI, ensuring we meet and exceed regulatory and audit requirements
- Lead all compliance audits and certifications end-to-end — including renewals, observation periods, and new certifications
- Rain chooses to pursue
- Maintain and evolve Rain’s policies, keeping them up-to-date, consistent across entities, and aligned with regulatory expectations
- Partner with engineering, security, legal, and operations to make sure we are doing what we say we are doing in our policies
- Build a proactive compliance culture, helping the team understand obligations and embed compliance into day-to-day decision making
- Identify gaps and risks early, then drive remediation plans to keep Rain audit-ready at all times
- Assist the team in other compliance-related activities, including actionalize and refine KYB, KYC, and AML processes and procedures based on best practices informed by operational data
What we're looking for
- Open to candidates in the US and EU
- 3–7+ years of compliance, GRC, or security assurance experience, ideally in fintech, payments, SaaS, or other regulated industries
- Deep familiarity with SOC 2, SOC 1, GDPR, PCI, and other compliance frameworks, with a proven track record of leading successful audits
- Excellent program management skills — you can coordinate across teams, manage timelines, and keep multiple compliance workstreams moving
- Strong attention to detail with the ability to turn complex requirements into clear, actionable tasks
- Strong communication and influence skills, able to work with everyone from engineers to executives to external auditors
Nice to have, but not mandatory
- Experience in card issuing, stablecoins, payments, or cross-border fintech products
- Familiarity with ISO 27001, DORA, or other emerging global regulations
- Experience with tools like Vanta