Senior Compliance Manager

Job Description

About Donorbox

Donorbox is a leading fundraising platform and donor management system for nonprofit organizations. Our mission is to accelerate positive impact worldwide by helping nonprofits become highly effective at raising funds and managing their supporter base. Since 2014, we have powered more than 100,000 global organizations to raise over $3B in donations. 🚀

Our fast-growing company is profitable and bootstrapped with a healthy run rate. We have a fully distributed and diverse 150-person team based in 16+ states and 23+ countries. In 2026, Donorbox was named by Built In as one of the Best Places to Work in Washington, DC.

🏅 Donorbox is rated the #1 software for fundraising, donor management, and nonprofit payment on G2 based on hundreds of verified customer reviews — a reflection of the care our team puts into building products that nonprofits trust.

The Role

As the Senior Compliance Manager, you will own and scale Donorbox’s global compliance and risk programs across data protection, security, and regulatory frameworks. You will ensure adherence to key standards (e.g. GDPR, PCI DSS, SOC2, ISO 27001, HIPAA) while building scalable processes that support business growth.

You will partner closely with Legal, Security, Product, Sales, and external auditors to manage audits, reduce risk exposure, and enable enterprise readiness. This role requires strong judgment and a pragmatic, risk-based approach, ensuring compliance while enabling business growth and product innovation.

Responsibilities

• Own and scale the company’s global compliance program across regulatory, security, and privacy frameworks
• Lead external audits and certifications (SOC 2, PCI DSS, ISO 27001), including preparation, execution, and remediation
• Develop and maintain policies, controls, and governance frameworks aligned with business needs
• Partner with Sales and Customer teams to support security reviews and enterprise deals
• Drive vendor risk management and third-party compliance processes
• Identify, assess, and mitigate compliance and security risks across the organization
• Apply a risk-based approach to compliance, making informed trade-offs that balance regulatory requirements with business and product needs
• Monitor and manage compliance incidents, requests, and inquiries, ensuring timely resolution and appropriate escalation
• Leverage tools (e.g., Vanta) to track compliance posture, automate workflows, and improve reporting
• Build and deliver internal compliance training and awareness programs across the organization
• Serve as a key advisor to the General Counsel and leadership team on compliance strategy, risk, and business trade-offs

Qualifications & Experience

• 5–10+ years in compliance, risk, IT audit, or security governance roles
• Experience building, implementing, and maintaining compliance programs, including audits and risk assessments
• Strong knowledge of frameworks such as GDPR, SOC 2, PCI DSS, ISO 27001
• Experience managing audits and working with external auditors
• Ability to translate regulatory requirements into practical business processes
• Strong judgment and ability to interpret and apply regulatory requirements in a practical, business-oriented way
• Experience with compliance automation tools, preferably Vanta, including managing controls and audit workflows

Preferred

• Experience in SaaS, fintech, payments, healthcare, or other data-heavy environments
• Strong product and technical understanding, with ability to partner effectively with Product and Engineering teams
• Experience supporting enterprise sales (e.g., security questionnaires, RFPs, customer compliance requests)
• Deep expertise in one or more security/compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001)
• Familiarity with vendor risk management and subprocessor oversight
• Experience operating across US, UK, and EU regulatory environments
• Certifications in compliance, audit, or security (e.g., CISA, CISM, CISSP, ISO Lead Auditor)

Details

• Fully remote based in United States
• Salary: $130k-$160k, based on experience and location

Benefits & Perks

• Fully remote work from the comfort of your home
• Generous time off policy of 21 days (birthday included 🎉), 8 designated/floating holidays, 2 paid volunteer days, and 5+ sick days (dependent on state)
• Employer-sponsored health insurance plan through TriNet, including medical (United Healthcare), dental, vision, and life
• 401(k) retirement plan via TriNet’s partner, Empower, with an employer match of up to 4%
• Reimbursement package for home office expenses and professional development, up to $1.5k
• Eligibility for employee equity plan (stock options)
• Wellness program with fitness and mindfulness classes
• Love your work and our mission of serving nonprofits!

If this sounds like the right role for you, please apply today and let us know why. We look forward to hearing from you!

This employer participates in E-Verify to confirm the employment eligibility of all newly hired U.S. employees. To learn more about E-Verify, please visit www.e-verify.gov .