IT Compliance Manager at Toast
We are a rapidly growing company that's revolutionizing the way the restaurant industry does business by pairing technology with an unrivaled commitment to customer success. We help restaurants streamline operations, increase revenue, and deliver amazing guest experiences through our platform that combines restaurant point of sale, guest-facing technology, and award-winning customer support. As a Toaster, you will be challenged to take on meaningful projects that will help shape the future of the company. Join us as we empower the restaurant community to delight guests, do what they love, and thrive.
Toast, Inc. is seeking a dynamic Compliance Manager to support its core POS business. In this role, you will create and maintain corporate policies and procedures, establish internal testing programs, and advise and guide internal teams on risk management relating to issues such as SOC2, PCI DSS, PA DSS, BSA/AML, Business Continuity and Disaster Recovery, Ethics, Third-Party Risk Management, and CMS governance.
What you will do:
- Continue to develop, hone, and maintain a robust compliance program to scale with the company’s growth and ensure that the full suite of Toast products and services comply with all applicable state and federal laws and industry best practices.
- Serve as an enterprise-wide subject matter expert for compliance-related matters, which includes responding to daily compliance-related inquiries and referrals, participating in special projects, providing technical support to other departments, and assisting sales with RFPs and escalated customer inquiries.
- Serve as the primary point person for, and coordinate responses to, regulatory inquiries, due diligence requests, and external audit requests (e.g., card brand reviews, SOC 1/2, PCI, ITGC, partner due diligence).
- Assist with investigating and documenting incidents of potential money laundering, fraud, or terrorist financing.
- Develop and perform ongoing testing of controls in accordance with the compliance program.
- Monitor regulatory and industry trends to ensure required changes in compliance testing, policies and procedures are integrated in a timely manner while ensuring lines of business prepare for impending regulatory changes.
- Design and deliver enterprise-wide targeted training to enable employees to perform their applicable responsibilities, develop products, and provide customer support, all in compliance with relevant laws.
Do you have the right ingredients?
- At least 6 years of experience in a compliance, audit, or related consulting role.
- At least 4 years of experience in technology or payments products or services, or working knowledge of and interest in technology infrastructure principles and practices.
- Track record of successfully overseeing a compliance monitoring/testing program and performance of associated risk assessments, and remediation management.
- Experience interacting with regulators, auditors, and strategic partners relating to assurance frameworks including experience in PCI DSS and SOC2 standards.
- Experience with Visa and Mastercard Operating Regulations and NACHA is a plus.
- Demonstrated ability to translate requirements into actionable steps, develop project plans and drive progress to timely completion.
- Ability to build relationships with interdepartmental teams and advise on process improvements.
- Strong written and verbal communication skills, including a demonstrated ability to provide written reports that accurately and clearly summarize issues and present solutions in an understandable and logical manner.
- Ability to solve problems in a fast-paced environment, taking into consideration risk and impact for Toast, Inc., its customers, and its partners.
- JD accepted but not required