Global Compliance Manager

Retire the ERP. Light exists to replace factory-era ERPs with software that feels alive. Our Smart Financial Platform gives modern, global companies superpowers—automated accounting, real-time reporting, and financial flows that move at the speed of the business. We build with our customers, ship fast, and obsess over craft. In a short time, Light has gone from idea to the operating core for leading companies like Lovable, Legora, and Keyshot. People don’t just use Light—they enjoy it. We’re an early team defining a new software category. Think engineers who love debits and credits, designers who care about reconciliation states, and operators who treat finance as a product. If you’re excited to modernize how the world runs money—one workflow at a time—you’re in the right place. Backed by world-class investors and advised by industry titans, we’re building category-defining products with the freedom to ship ambitiously and own outcomes. Come help us make Light the global default for next-gen finance.

The Global Compliance Manager role involves owning compliance execution at Light. Reporting to the Head of Finance & Core Ops, you’ll be responsible for running our SOC 1, SOC 2, and PCI programmes end to end, keeping us audit-ready, and making sure controls actually work in practice. This role is hands-on and operational. You’ll spend your time coordinating audits, working with DevSecOps and engineers on control implementation, tracking evidence and remediation, and supporting customer and partner due diligence. Your job is to make compliance boring, predictable, and scalable.

Our environment includes:

• AWS infrastructure (EKS, RDS PostgreSQL, Lambda, ECR, S3, SES, Bedrock for AI/LLM)
• Kotlin backend with Gradle, Next.js frontend with TypeScript
• GitHub Actions CI/CD, Terraform for infrastructure, Kubernetes via Tanka/Jsonnet
• Datadog and CloudWatch for logging and monitoring
• 25 engineers scaling to 50+, distributed team

What you’ll own:

• Run SOC 1, SOC 2 (Type I & II), and PCI DSS compliance programmes
• Plan and manage audits, timelines, and auditor relationships
• Own evidence collection, review, and submission
• Track audit findings and ensure remediation is delivered with engineering
• Work with DevSecOps to ensure controls are implemented in IAM and access management, CI/CD pipelines, Infrastructure as code, Logging, monitoring, and alerting
• Maintain and update security and compliance policies and procedures
• Own risk registers, exceptions, and compensating controls
• Support customer security questionnaires and vendor due diligence
• Document controls clearly for auditors, customers, and internal teams
• Partner with the Head of Finance on compliance priorities and roadmap

Day to day, this means chasing evidence, reviewing controls, answering auditor questions, following up on open items, and working with engineers to close gaps without slowing delivery.

How you fit into the team:

You’re practical and detail-oriented. You’re comfortable working with engineers and asking for what you need, but you also know how to translate audit requirements into clear, achievable tasks. You care less about perfect frameworks and more about controls that actually run in production. You’re organised, persistent, and calm under audit pressure.

Your qualifications include:

• 3–7 years’ experience in compliance, risk, or security roles
• Hands-on ownership of SOC 1, SOC 2, and/or PCI DSS audits
• Experience working directly with engineering or DevSecOps teams
• Working knowledge of cloud infrastructure and software delivery
• Experience managing evidence, audit requests, and remediation tracking
• Strong written and verbal communication skills
• High attention to detail and ability to manage multiple deadlines
• Able to articulate how AI can be incorporated into the compliance function

Bonus points for:

• Experience in fintech, payments, or financial systems
• Familiarity with PCI
• Experience with compliance tooling (Vanta, Drata, Secureframe)
• Background in engineering, IT operations, or security

The good stuff:

In addition to being part of a great team and working in a really fun and innovative environment, we offer:

• Competitive salary + potential stock options
• 25 days of annual leave + public holidays
• Regular socials and company off-sites
• A huge opportunity for career growth as you will help shape a market-defining product

Working at Light means you are embarking on an exciting journey to reshape the future of multinational financial operations. Our goal is to make global finance effortless and empower companies to make informed decisions. Join the rocket ship while it is taking off.