GRC Program Manager

Job Description

What do we do?

As the SaaS space expands, there’s more potential than ever for growing software companies.

Having a great product is only part of the journey. B2B SaaS companies today face endless competition, live or die by customer acquisition costs, have to earn customer loyalty every day, need to operate across borders, and must navigate increasingly complex regulations.

Our all-in-one platform is purpose-built for modern SaaS execution and already powers growth for over 2000 software companies, globally. Our Revenue Delivery Platform integrates checkout, payment, and subscription management, making it easy for businesses to activate new business models, enter new markets, turn on new offerings, and renew subscriptions without friction and we handle compliance globally, so our Sellers always operate with full integrity.

The role:

Reporting to the Head of InfoSec you will take ownership of Paddle’s governance, risk, and compliance programs and establish processes to measure and mature Paddle’s compliance and risk posture as it pertains to our information assets. You will ensure that Paddle maintains compliance with relevant regulatory and other industry-standard frameworks by working closely with both internal and external stakeholders.

You'll have the opportunity to make an impact across the business as you develop Paddle’s information security risk management and related compliance operations. You will work closely with Paddle’s Heads of Compliance and Risk, General Counsel, Finance, as well as the Product Engineering and TechOps teams.

What you'll do:

• Ensure compliance with applicable controls based on a unified control framework
• Mature and manage the data and technology risk program including risk registers, risk identification, tracking, prioritization and driving resolution of project/program level issues
• Help maintain and mature internal corporate Information Security Policies
• Collaborate with various key stakeholders to gain a common understanding of issues related to the control breakdowns/missing controls to define a specific commitment to strengthen or implement controls
• Lead and project manage the compliance programs across all business units
• Partner with the Legal team to implement and streamline privacy processes and controls
• Select, implement, and manage GRC solutions for the organisation

We'd love to hear from you if you:

• Have a strong understanding of IT and cyber security, with demonstrable experience establishing and operating a technical risk and compliance function. You will have worked with common technical and security standards such as ISO27001, SOC2 and GDPR
• Have the ability to operate with a high degree of autonomy and lead the organisation-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations. This includes the ability to develop security standards and guidelines based on best practices and industry standards
• Have excellent written and verbal communications skills, and the ability to interact with a wide variety of internal stakeholders and provide clear reporting of the company's compliance posture
• Are someone who thinks compliance and proactive auditing of controls as a means to drive improvements is a worthwhile pursuit!
• Love to make sense of the ambiguous and abstract!

Why you’ll love working at Paddle

We are a diverse team of 170 and growing people. We care deeply about enabling a great culture which is inclusive no matter your background. We celebrate our diverse group of talented employees and we pride ourselves on our transparent, collaborative, friendly and respectful culture.

We live and breathe our values, which are:

• Exceptional Together
• Solve for the Customer
• Execute with impact
• Better than Yesterday

We offer a full suite of benefits, including attractive salaries, stock options, pension plans, private healthcare, a health & wellbeing platform and coaching sessions.

We are a ‘digital-first’ company, which means you can work remotely or from an amazing office if you prefer, or even a bit of both! We offer all team members unlimited holidays and 4 months paid family leave regardless of gender. We love our casual dress code, annual company retreats and much more. We truly invest in learning and will help you with your personal development, from constant exposure to new challenges, an annual learning stipend to regular internal and external training.

Our Mission

Our mission is to help software companies succeed — enabling them to focus on creating products the world loves. Hundreds of companies rely on our e-commerce platform to sell their software products globally, as well as our powerful analytics and marketing tools to understand and grow their businesses.

Our vision is to become the platform that all software companies use to run and grow their business. We aim to replace a fragmented ecosystem of specialised tools with a unified platform that removes the complex burden that comes with running a software business, whilst also providing unparalleled insight to help them grow faster.

Deloitte Fast 50 named us amongst the fastest growing software companies in the UK four years running, and we’ve raised over $93m in funding from incredible investors such as FTV Capital, Kindred, Notion, and 83North.

Equal opportunities

We believe in having diverse teams in which everyone can be their authentic self is key to our success. We encourage people from underrepresented backgrounds to apply and we don't discriminate based on race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, marital status, disability or age. ​Our office is wheelchair friendly and we are a family-friendly employer​.