Security Compliance Manager

SatoshiLabs s.r.o.

Job Overview

Location

Prague

Job Type

Full-time

Full Job Description

📋 Description

• Own the end-to-end delivery of Tropic Square’s compliance transformation programme for the EU Cyber Resilience Act (CRA) and EUCC certification under Common Criteria for the TROPIC02 chip.
• Build and maintain a master compliance plan with clear milestones, track progress against deadlines, report directly to the CEO, and re-plan execution in response to blockers or shifting priorities.
• Drive internal execution across engineering, legal, operations, and product teams to ensure documentation of security architectures, implementation of SDL requirements, review of Declaration of Conformity, and setup of CSIRT procedures.
• Maintain and relentlessly follow up on an internal action log to ensure accountability, ownership, and timely completion of all compliance-related tasks.
• Manage the relationship with external regulatory advisory consultants, translating their recommendations on CRA, Common Criteria, IEC 62443, ISO 9001/27001/14001, and EUCC into actionable internal tasks.
• Ensure external consultants receive timely inputs and challenge outputs that are incomplete, off-scope, or not fit for purpose without requiring technical expertise in every standard.
• Coordinate cross-functional working groups involving engineering, legal, finance, and leadership to align stakeholders on compliance priorities, risks, and decisions.
• Prepare clear, concise executive summaries and decision materials for the CEO, ensuring leadership is informed and aligned on compliance status, risks, and next steps.
• Maintain a live risk register tracking compliance-related risks, budget consumption, and open decisions; surface issues early with clear recommendations on options and impacts.
• Communicate effectively across technical and non-technical teams, translating complex regulatory requirements into understandable actions for engineers and clear strategic updates for executives.
• Learn and apply regulatory frameworks including CRA, Common Criteria, IEC 62443, and ISO standards rapidly, without needing prior certification expertise on day one.
• Operate without formal authority by building trust, escalating constructively, and making it easy for cross-functional teams to deliver on compliance obligations.
• Ensure no detail falls through the cracks in a complex, multi-stakeholder programme involving hardware security, regulatory compliance, and certification.
• Serve as the central point of accountability for the entire compliance programme, ensuring alignment between internal teams and external advisors.
• Enable the TROPIC02 chip to meet market entry requirements by ensuring all regulatory and certification deliverables are completed on time and to standard.

🎯 Requirements

• Proven experience managing complex regulatory, certification, or compliance transformation programmes
• Ability to coordinate cross-functional teams without formal authority and drive execution through influence
• Experience managing external advisory or consulting relationships and translating expert recommendations into actionable internal tasks

🏖️ Benefits

• Ownership of one of Tropic Square's most strategic programmes with direct impact on product market entry
• Direct reporting line to the CEO with no bureaucratic layers and high visibility
• Opportunity to work on one of the most complex regulatory challenges in the hardware security industry
• Collaboration with the founders behind Trezor and a world-class engineering team for whom security is a core philosophy

Skills & Technologies

Onsite

Degree Required

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

AI Job Fit Analysis

Pro

See exactly how your profile matches this role — strengths, skill gaps, and what to do about them.

SatoshiLabs s.r.o.

Visit Website

About SatoshiLabs s.r.o.

SatoshiLabs s.r.o. is a Czech Republic-based technology company founded in 2013 that created the first hardware wallet, the TREZOR, and develops security-first hardware and open-source software for cryptocurrency storage and authentication. The company also operates the Invity platform for comparing and purchasing digital assets, the Tropic Square secure chip project, and the Shamir backup standard. Headquartered in Prague, SatoshiLabs focuses on user-controlled security and open-source development, offering products that enable individuals to safeguard private keys and digital identity without relying on third-party custodians.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.