×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant

Security & Compliance Manager

Job in Austin, Travis County, Texas, 78716, USA
Listing for: Givebutter, Inc
Full Time position
Listed on 2026-06-02
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant
Job Description & How to Apply Below
Company Description

Givebutter is the most-loved nonprofit fundraising and CRM platform, empowering millions of changemakers to raise more, pay less, and give better. Nonprofits use Givebutter to replace multiple tools so they can launch fundraisers and events, use donation forms and donor management (CRM), send emails and text blasts-all in one place. Use of the Givebutter platform is completely free with a 100% transparent tip-or-fee model.

Givebutter has been certified as a Great Place to Work® every year since 2021, and is the #1 rated nonprofit software company on G2 across multiple categories.

Our mission is to empower the change maker in all of us. We believe giving should be fun, so you'll want to do it again, and we also believe that work should be fun, so that you'll have the greatest impact. We are excited to hear from talented people who want to work with other talented people in making the world a butter place-and have fun along the way.

Role Description

Givebutter is hiring a Security & Compliance Manager to own Givebutter's security function. Your primary mandate is to further harden our critical systems, codify our security roadmap, and implement controls in close partnership with our Product, Design & Engineering (PDE) team. You will also own our certification program (SOC 2, and eventually ISO 27001) and assist with licensing and registration compliance across all US jurisdictions.

This is a hands-on, high-autonomy role for someone who has lived through the security challenges of a growth-stage fintech and knows what it takes to build real defenses, not just check boxes. You will report directly to the General Counsel and work cross-functionally with PDE, Trust & Safety, IT, and Finance.

We want to hear from people who...
  • Have 7+ years of experience in information security, security engineering, GRC, or a related field, with at least 4 years in a fintech, payments, or financial services environment
  • Have hands-on experience hardening production systems at a growth-stage company, not just writing policies about them
  • Possess deep working knowledge of SOC 2, PCI DSS, and at least one additional framework (NIST CSF, CIS Controls, ISO 27001)
  • Understand modern AI-era threat vectors and can articulate a defensive strategy against them
  • Have technical fluency: you can read a cloud infrastructure diagram, understand why a Git Hub permissions model matters, evaluate a pen test report, and translate all of it into actionable guidance for engineering teams
  • Have managed GRC tools hands-on (Vanta, Drata, Secureframe, or similar) and driven remediation workflows to closure, not just monitored dashboards
  • Have led external audits end-to-end: auditor relationships, evidence collection, findings remediation, and board-level reporting
  • Can build programs, not just maintain them: you thrive in environments where the playbook doesn't exist yet and you need to write it
  • Communicate complex security and regulatory topics in plain language to non-technical stakeholders
  • Have strong judgment about when to escalate, when to act independently, and when to push back
Bonus Points
  • CISSP, CISM, CISA, or CEH certification
  • Familiarity with AI security frameworks: NIST AI RMF, MITRE ATLAS, OWASP AI Security and Privacy Guide
  • Experience with BSA/AML program design, SAR filing, or OFAC sanctions screening
  • Experience managing bank partner or sponsor bank compliance relationships
  • Familiarity with Stripe's platform, APIs, and compliance tools
  • Prior experience at a company operating in the charitable giving, nonprofit, or crowdfunding space
  • Experience with state charitable fundraising platform/solicitation registration requirements
  • Track record of building compliance or security programs at a Series A through Series D stage company
  • CAMS or CRCM certification
Responsibilities

Security Roadmap & Systems Hardening
  • Codify and execute the security roadmap for the organization, prioritizing the further hardening of critical systems (payment infrastructure, donor data stores, authentication flows, API integrations) and ensuring compliance with applicable laws (e.g., data privacy and security).
  • Partner directly with PDE leadership to embed security…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search