Own and strengthen our controls environment, ensuring compliance
Support and mature our GRC program, including SOC 2 operations and alignment with broader security frameworks such as NIST.
Build and maintain our Business Continuity and Disaster Recovery program, including BIAs, continuity plans, and recovery runbooks.
Conduct vendor and third-party risk assessments as we expand our global network of partners.
Support MiCA licensing and U.S. Money Transmitter License applications through due diligence, regulatory responses, and compliance reporting.
Manage the security issue lifecycle, driving remediation efforts and partnering with teams to reduce risk.
Requirements
We combine a powerful orchestration engine with a seamless consumer app to unlock liquidity for the world.
experience in an operating environment, with a track record of building and managing compliance programs—not just auditing them.
Deep familiarity with one or more major frameworks, such as SOC 2, NIST, PCI, MiCA, NYDFS, or CCPA.
Experience building or maturing Business Continuity and Disaster Recovery programs, with a strong understanding of how business impact assessments inform recovery strategies.
Regularly uses AI tools to increase efficiency and improve outcomes across areas such as policy development, process monitoring, or program management.
Experience in fintech, crypto, payments, or other regulated industries is a plus, as is familiarity with GRC platforms such as Vanta, Drata, or Archer.
Experience
3–5 years of hands-on GRC
Benefits
The annual base salary range for this role is $130,000-$175,000 in San Francisco and New York.
The compensation range provided may span multiple career levels and will be narrowed during the interview process based on factors including a candidate’s experience, skills, qualifications, and geographic location.
For candidates outside of San Francisco and New York, compensation will be adjusted to reflect the applicable market and location-based pay band.
The base salary range listed excludes commission (if applicable), equity, and benefits.
The pay range represents the minimum and maximum target for new-hire compensation.
Actual compensation may vary and may be higher or lower depending on individual circumstances.
That starts with competitive salary and equity that grows as you and the company grow, plus comprehensive health coverage for you and your family.
We offer unlimited PTO—and we mean it.
Mesh Pay is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status.
Additional details
At Mesh, our mission is to enable consumers to pay and be paid with any asset.
Today, trillions of dollars in tokenized assets exist but remain largely unusable for everyday commerce.
Mesh is bridging this gap by making crypto payments reliable, useful, and ubiquitous.
Backed by leading investors like PayPal Ventures, Paradigm, and Galaxy Ventures, we are building the infrastructure for the next era of the global economy. Join us!
Overview
At Mesh, we're connecting hundreds of exchanges, wallets, and financial platforms into a single open network, and this role will be instrumental in ensuring we scale securely, responsibly, and with trust at the center of everything we do.
As we continue to grow, you'll play a key role in shaping and maturing our GRC program across initiatives including SOC 2, MiCA licensing, and Money Transmitter Licenses throughout the U.S.
This is a hands-on role with meaningful ownership—from managing day-to-day controls and strengthening core compliance processes to partnering closely with our Head of Security and GRC lead to navigate an increasingly complex regulatory landscape.
We're looking for someone who enjoys rolling up their sleeves, building programs that scale, and contributing to the infrastructure powering the next generation of global payments.
What You'll Do
requirements are effectively implemented and maintained.
Help standardize policies, controls, and compliance processes that can scale across jurisdictions and regulatory frameworks.
Who You Are