About Us
RedCompass Labs helps financial institutions deliver profitable, secure, end-to-end payment and financial crime services and solutions.
RedCompass Labs provide advanced data-led AI payments testing technology as well as delivery-focused consulting, managed services, and world-class workshops on vast array of subjects including Future of Payments and ISO 20022.
RedCompass Labs is committed opening the doors of finance to all and keeping those inside safe. They are especially focused on disrupting financial crime that affects the most vulnerable. To this end, they have invested in R&D, data science and created the RedCompass Labs RedFlag Accelerator, the global most comprehensive database of modern slavery and human trafficking red flags for the financial industry. In 2020, the RedFlag Accelerator won the PayTech for Good Award.
Today, RedCompass Labs support its clients from its seven offices in London, Singapore, Tokyo, Belgium, Warsaw, Canada and US.
Role Overview
We're seeking an experienced SOC 2 Compliance Lead to help deliver our SOC 2 Type I and II certifications for our new product suite. You’ll own the roadmap for SOC2 Type 1 and Type 2 accreditation, work closely with our ISO 27001-certified compliance team, and partner with engineering, product, and leadership to embed security and trust into our growth story.
Key Responsibilities
* Drive SOC 2 Type I and II delivery: Take ownership of the full SOC 2 compliance lifecycle — using the existing gap analysis to coordinate readiness activities, support remediation efforts, and manage the audit process through to successful certification.
* Work within an established InfoSec framework: Leverage our existing ISO 27001 controls, policies, and documentation to align with SOC 2 Trust Services Criteria (TSC), ensuring consistency and avoiding duplication of effort.
* Bridge gaps against SOC 2 requirements: Identify, assess, and support remediation of control gaps specifically related to the Security and Confidentiality TSCs, working closely with the compliance team.
* Support audit coordination: Assist the compliance team in facilitating auditor requests, managing evidence collection, and ensuring audit timelines are met.
* Enable cross-functional implementation: Collaborate with DevOps, AI, product, and engineering teams to ensure technical and procedural controls are SOC 2–aligned and audit-ready — in harmony with ongoing ISO 27001 practices.
* Maintain audit-ready documentation: Support the development and maintenance of SOC 2–specific evidence, process documentation, and control records — aligned with existing compliance tooling and workflows.
* Promote SOC 2 awareness internally: Deliver targeted guidance and support to internal teams on their SOC 2 responsibilities, reinforcing a shared culture of compliance and trust.
* Report progress transparently: Provide regular updates to leadership on SOC 2 readiness status, risks, and audit milestones, escalating blockers where necessary.
Required Experience & Skills
* Demonstrated success leading SOC 2 Type I and II audits for SaaS platforms
* Experience driving compliance in startup or early-stage SaaS environments
* Ability to operate independently while aligning with broader InfoSec strategy
* Strong knowledge of SOC 2 Trust Services Criteria and control frameworks
* Hands-on experience with ISO 27001 (with the ability to align and map controls)
* Familiarity with cloud-native environments (AWS, Azure, etc.) and DevOps workflows
* Exposure to GRC platforms (e.g., Vanta)
* Strong documentation and policy development skills
* Excellent communication and stakeholder management abilities
* Experience working in agile, fast-paced, cross-functional environments
Nice to Have
* Familiarity with financial services or the payments industry
* Experience with AI or data-centric platforms or technologies
Why Join Us?
* Work on a meaningful, real-world AI platform used by top-tier banks.
* Help build security and trust from the ground up in a high-impact environment.
* Collaborate with a purpose-driven team that blends tech, payments, and social good.
* Build strong connections in the office with supportive, outcome-focused colleagues—hybrid working is available after the probation period.