Offer summary

Qualifications:

6-8 years of experience in compliance, information security, or risk management in SaaS or cloud-native environments., Deep understanding of AWS architecture and services related to security and compliance., Proven experience with SOC 2, PCI DSS, and NIST 800-53 controls implementation., Strong documentation and communication skills, with the ability to synthesize complex standards into actionable insights..

Key responsibilities:

Lead and manage compliance external audits including SOC 2, ISO 27001, and PCI DSS.

Oversee vendor risk assessments and maintain the Infrastructure Vulnerability Management program.

Draft and enforce security and compliance policies aligned with regulatory requirements.

Work cross-functionally with various teams to ensure compliance and conduct security awareness campaigns.

Job description

interface.ai is the industry's-leading specialized AI provider for banks and credit unions, serving over 100 financial institutions. The company's integrated AI platform offers a unified banking experience through voice, chat, and employee-assisting solutions, enhanced by cutting-edge proprietary Generative AI.

Our mission is clear: to transform the banking experience so every consumer enjoys hyper-personalized, secure, and seamless interactions, while improving operational efficiencies and driving revenue growth.

interface.ai offers pre-trained, domain-specific AI solutions that are easy to integrate, scale, and manage, both in-branch and online. Combining this with deep industry expertise, interface.ai is the AI solution for banks and credit unions that want to deliver exceptional experiences and stay at the forefront of AI innovation.

.Experience : 6-8 Years

As a Senior Compliance Specialist, you will lead and manage critical compliance and risk initiatives across our cloud-native infrastructure. You will be instrumental in developing and strengthening internal controls, ensuring regulatory compliance, and lead third party audits involving various frameworks including SOC 2, ISO 27001, and PCI DSS. Your deep understanding of AWS cloud environments is essential to support secure and compliant operations at scale.

Responsibilities:

Lead and manage compliance external audits including SOC 2, ISO 27001, and PCI DSS
Lead the Vendor risk assessment and due diligence programs with respect to Vendor onboarding
Participate in risk assessments, gap analysis, and internal control reviews.
Oversee and maintain the Infrastructure Vulnerability Management program and external penetration tests
Map and correlate different compliance frameworks and standards, understanding their underlying principles and interconnections
Draft, maintain, and enforce security and compliance policies aligned with SOC 2, PCI DSS, and ISO 27001 requirements.
Ensure regulatory compliance with U.S. federal financial regulations, including GLBA and other relevant mandates and raise any identified red flags
Manage the compliance management platform and document period evidence required for various external audits.
Work cross-functionally with Engineering, DevOps, Product, and Legal teams.
Conduct Security Awareness campaigns and periodic phishing campaigns as required

Qualifications:

Mandatory

6–8 years of progressive experience in compliance, information security, or risk management roles within SaaS or cloud-native environments.
Deep understanding in AWS architecture and services, especially in the context of security and compliance.
Proven experience implementing and managing controls aligned with:

SOC 2 Trust Services Criteria
PCI DSS v4.0
NIST 800-53

Strong experience in developing ITGCs and auditing technical controls in the cloud.
Working knowledge or certification in ISO/IEC 27001 & ISO 27002.
Demonstrated success managing compliance audits end-to-end.
Ability to learn quickly and synthesize complex standards and regulatory texts into actionable insights
Strong documentation, communication, and stakeholder coordination skills is a must.
Experience working in Startups

Preferred:

Additional certifications such as CISA, CISM, CISSP, or CCEP are a plus.
AWS Certified Cloud Practitioner (AWS CCP)
Experience or understanding of GLBA and other U.S. federal regulations applicable to financial institutions.

At interface.ai, we are committed to providing an inclusive and welcoming environment for all employees and applicants. We celebrate diversity and believe it is critical to our success as a company. We do not discriminate on the basis of race, color, religion, national origin, age, sex, gender identity, gender expression, sexual orientation, marital status, veteran status, disability status, or any other legally protected status. All employment decisions at Interface.ai are based on business needs, job requirements, and individual qualifications. We strive to create a culture that values and respects each person's unique perspective and contributions. We encourage all qualified individuals to apply for employment opportunities with Interface.ai and are committed to ensuring that our hiring process is inclusive and accessible.

Required profile