About the company
Kodex revolutionizes how organizations handle sensitive subpoenas and data requests from law enforcement and government agencies. Founded by a former FBI agent and backed by leading investors including Andreessen Horowitz, Y Combinator, and Thiel Capital, Kodex has become the industry standard for secure data exchange. Our platform supports over 15,000 government agencies in 190 countries and is trusted by industry leaders like Coinbase, Stripe, and AT&T.
By transforming a traditionally complex and manual process into a streamlined digital workflow, Kodex helps organizations strengthen compliance, enhance security, and reduce operational costs by millions each year. We bridge the gap between companies and authorized requestors, ensuring that sensitive data is handled with uncompromising security, transparency, and efficiency.
The Role
Kodex is looking for a Compliance, Risk & IT Manager to join our team and take ownership of the systems, safeguards, and standards that protect our company and customers. In this role, you’ll be responsible for ensuring that Kodex meets its legal, regulatory, and contractual obligations — especially around how we manage law enforcement requests and sensitive data. You’ll also be responsible for the secure management of our internal IT infrastructure, ensuring that our devices, systems, and access controls are company-managed, compliant, and resilient.
This is a cross-functional role that blends compliance leadership, risk oversight, and hands-on IT operations. You’ll work closely with legal, product, and security teams to guide our compliance strategy, support audits and vendor assessments, and maintain clear internal policies.
This is a mission-critical role: Kodex operates at the intersection of technology, privacy, and public interest. Your work will help uphold our commitments to transparency, security, and accountability — values that are core to our product and our brand.
Responsibilities
Manage Compliance: Lead audits for SOC 2, PCI and HIPAA (we use Vanta). Ensure compliance with certification requirements and manage improvements post-audit.
Ensure and maintain compliance with GDPR, CCPA, CPRA and other privacy regulations
Work closely with the EU Compliance Officer and Data Protection Officer
Vendor Security Questionnaires: Respond to security questionnaires and inquiries effectively in collaboration with Sales, Security and Engineering
Manage IT Hardware & Systems: Manage the provisioning, security, and lifecycle of company laptops to ensure all devices are compliant, tracked, and securely maintained.
Risk Assessments & Programs: Conduct risk assessments and mitigate data security and compliance risks. Assist in the development of risk programs centered on vulnerabilities, enterprise, vendors, and other areas to proactively address potential threats.
Represent Kodex: Serve as the primary point of contact for all compliance-related matters with clients, partners, and regulatory bodies.
Ensure employees are trained and educated on compliance and security best practices to maintain a strong security culture within the organization. Lead the development and enforcement of internal compliance policies, frameworks, and best practices aligned with industry standards.
Stay updated on cybersecurity trends and threats to ensure effective training and awareness programs for employees
Monitor and respond to evolving regulatory landscapes affecting law enforcement data requests, data privacy, and cross-border data governance.
What you bring
5+ years of experience in compliance, risk management, or IT governance, ideally within a SaaS, security, or privacy-focused environment.
Deep knowledge of regulatory frameworks such as GDPR, CCPA, ISO 27001, SOC 2, and experience supporting audits and due diligence processes.
Experience completing vendor security assessments with engineering-focused and infrastructure-level questions
Hands-on experience managing IT systems, employee device provisioning, and endpoint security tools (e.g. MDM, SSO, endpoint protection).
Strong understanding of operational risk and compliance in a B2B tech context, or a banking, fintech or credit context
Ability to design and implement scalable internal controls, policies, and procedures with clarity and simplicity.
Excellent communication and collaboration skills; comfortable working across legal, engineering, and customer-facing teams.
A thoughtful, pragmatic approach to balancing risk mitigation with operational efficiency.
Ideal/optional - Used Vanta previously for compliance management
Benefits
Remote-first within the U.S.
Biannual offsites in exciting locations. Past trips include Seattle, Miami, Nashville, and San Francisco
Competitive salary and meaningful equity
Unlimited PTO + 14 company holidays
Comprehensive medical, dental, and vision plans
401(k) retirement plan
Dynamic Environment: Work on impactful, high-priority matters with opportunities for professional growth.
Equal Employment Opportunities at the Company
Kodex is committed to hiring talented and qualified individuals with diverse backgrounds for all of its tech, non-tech, and leadership roles. Kodex believes that the gathering and celebration of unique backgrounds, qualities, and cultures enriches the workplace.