At Thoropass, we are revolutionizing the compliance and audit industry by integrating cutting-edge AI technology with expert human insight. We’re driven by our mission to build a world that’s safer for consumers and to ensure compliance is never a blocker to innovation.
Requirements
- Direct enterprise-wide information security strategy, standards, and governance across IT systems, networks, and applications.
- Define, implement, and maintain baseline security configurations aligned with ISO 27001, SOC 2, NIST, and CIS benchmarks.
- Lead incident response, disaster recovery, penetration testing, and vulnerability management programs.
- Oversee access management, identity governance, and insider threat monitoring initiatives.
- Drive continuous risk assessments, audits, and third-party risk management.
- Own Thoropass’ global data protection program, ensuring compliance with GDPR, CCPA, HIPAA, and other privacy laws.
- Conduct Privacy Impact Assessments (PIAs), manage data inventories, and oversee breach notification and data subject requests.
- Develop and maintain internal privacy training, awareness, and documentation.
- Support customer-facing vDPO (virtual Data Protection Officer) services through education, webinars, and thought leadership content.
- Embed privacy-by-design principles into product and operational processes.
- Manage U.S. trade, export control, and sanctions compliance per company policy and applicable regulations.
- Maintain product and service classifications, export jurisdiction, and sanctions screening.
- Oversee compliance audits, recordkeeping, and employee training related to trade regulations.
- Advise senior management on regulatory risks and mitigation strategies.
- Serve as SME on HIPAA, HITECH, HITRUST, and related healthcare security frameworks.
- Collaborate with internal and external stakeholders to ensure compliant data handling practices.
- Develop and deliver internal training and customer education content.
Benefits
- Immediate access to health, dental, and vision care
- Equity
- Hybrid & remote work available
- Flexible PTO
- 401k