Compliance Manager

Hi there!

We are looking for an Compliance Manager for the Sweed product startup, fully remote.

Further - more, in the Q&A.

What are we doing?

At Sweed, we offer a comprehensive cannabis retail solution with a wide range of features, including powerful POS functionality, in-depth analytics, marketing and promotional tools, efficient inventory management, and more. Our progressive web app can be easily accessed through the tablets already available in your store without any additional hardware required.

Since our establishment, we have been committed to creating an all-in-one system tailored to the specific needs of large cannabis retailers. Today, we are proud to be a market leader, owing much of our success to our signature killer feature – providing a full spectrum of software in one solution.

Why are we doing this?

At our company, we are driven by our passion for the medicinal potential of plants. Cannabis possesses unique properties that can help alleviate chronic pain, anxiety, depression, epilepsy, multiple sclerosis, glaucoma, and sleep disorders.

Although a significant amount of stigma is associated with this area, we firmly believe these plants possess unique properties and have helped countless people improve their quality of life. This rapidly growing industry presents immense potential for career advancement and personal fulfilment, and we are excited to explore how we can contribute to this dynamic field.

Who are we looking for?

We are seeking a skilled and experienced Compliance Manager to join our technology team. The successful candidate will play a key role in ensuring that our company adheres to regulatory requirements, industry standards, and internal policies.

Responsibilities:

• Create and maintain compliance policies and procedures; oversee adherence to corporate standards and rules.

• Ensure compliance with SOC 1, SOC 2, HIPAA; protect sensitive information and ensure data privacy.

• Conduct internal audits to ensure compliance; prepare reports and recommendations for addressing issues.

• Maintain compliance documentation; prepare regular reports for management on compliance status.

• Advise management and employees on compliance issues; support departments in meeting regulatory requirements.

• Maintain contact with regulators and auditors; prepare and submit necessary reports and documentation.

• Track changes in laws and regulations; adapt internal procedures to meet new requirements.

• Identify and evaluate non-compliance risks; develop measures to mitigate these risks.

• Investigate and resolve non-compliance complaints; implement corrective actions based on findings.

• Design and deliver training programs on compliance; keep employees informed about policy changes.

Qualifications:

• Experience in compliance management, IT audit, risk management, or a related field.

• Proven experience with SOC 1, SOC 2 certifications or HIPAA, including preparation, auditing, and maintaining compliance.

• In-depth understanding of regulatory requirements, industry standards, and internal policies related to IT compliance.

• Experience conducting risk assessments, internal audits, and preparing audit reports and compliance documentation/policies.

• Ability to understand and implement technical controls and measures to ensure data privacy and security.

• Capability to develop actionable recommendations for addressing compliance issues identified during audits.

• Experience interacting with external regulators, auditors, and other relevant roles.

• Proficiency in English at a minimum level of B2.

• Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) are preferred and will be a plus.

• Experience in maintaining GDPR compliance will be a plus.

The conditions:

Is there a probation period, and how long does it last? - Probation period lasts 3 months.

What is the work schedule? - Flexible working hours. Our working time zone is 09.00-15.00 (GMT), but it depends on the team, and can be flexible.

Is it possible to work remotely? - There is an opportunity to work fully remotely, we are a remote-first company, and we don't have offices.

What currency is the salary paid in, and what is the form of employment? - Salary in dollars (employment under a B2B contract with the USA).

The number of vacation days? - 20 working days per year.

The number of sick leave days? - 3 days. 

Social package (medical insurance, other): Medical insurance becomes available after the probation period. We also offer equipment reimbursement for essential items such as laptops and additional equipment like monitors.

The process:

1 hour - Initial call with a recruiter. There's a short English check.
1 hour - Interview with CTO and Security Lead
1 hour - Final interview with CEO