Software Compliance Consultant (SOC 2, GDPR, ISO 270001)
Toma builds a production orchestration platform for deployed digital workers across high-ticket industries. We’re currently finalizing our SOC 2 Type II audit while preparing GDPR and ISO 27001 programs. The role will work with the CTO and engineering to maintain audit readiness and to implement small product changes required to maintain continual compliance. You will: - Work with the CTO and engineering team on Slack - Own audit readiness across three compliance frameworks for the entire company - Implement policy, observability, infrastructure, and product (TypeScript/React) changes - Ensure endpoint/device management compliance using Rippling - Keep the company’s Oneleet control dashboard healthy - Advise on vendor security and vendor questionnaire responses as needed Current compliance status: - SOC 2: Final audit in progress - GDPR: In preparation - ISO 27001: In preparation Received SOC 2 Audit follow-ups on January 22nd that need to be addressed immediately. Apply tot his job