Compliance Director

New York, NY
Full Time
Experienced

Who we’re looking for… 

  • Title: Compliance Director
  • Team: Compliance 
  • Reports To: CEO
  • Supervisory Responsibility: This role does not currently have FTE direct reports. This role is expected to be the owner of any required compliance relationships, specifically with any external partners if/when applicable. 
  • Location: New York City or easy commute to in-office NYC multiple days per week. Knit is a New York, US-based company with a hybrid working policy with team members in the US and India. Our standard business operating hours are Monday - Friday 9am - 5pm EST.
  • Travel: This role will not be expected to travel, with the exception of Knit’s All Team US Summit 1x/year.

A little about us… 

Knit is the AI-native consumer research platform helping brands automate and accelerate primary research. With our Researcher-Driven AI, we’ve condensed the entire quant + qual research process from weeks into days (sometimes hours!) for 50+ enterprise brands — including Amazon, T-Mobile, Mars, NASCAR, and more. We’re on a mission to scale and democratize world-class research. From survey generation to stakeholder-ready reports, our platform is redefining how insights teams operate — and we need your help to push the limits of what’s possible.

Overview

Knit’s Compliance Director accelerates revenue by securing the privacy, security, and compliance foundations needed for Enterprise trust and faster deal cycles. It reduces organizational risk through strong certification management, audit readiness, and streamlined contract and security review processes. Ultimately, this leader enables Knit to scale responsibly and competitively while maintaining customer confidence and operational excellence.

Responsibilities | What you will own… 

Success is measured by timely achievement of security certifications, efficient risk mitigation and contract execution, and strong privacy compliance that earns customer trust, reduces business friction, and contributes to revenue growth.

Key performance indicators for this team & role:

  • Compliance & Risk measured by: 
    • % completion of readiness tasks, % of controls implemented, and/or achieving/renewing agreed upon certification(s) by target date(s)
    • Risk Register Management – % of identified risks with mitigation plans and owners; time to close high-severity risks
    • Audit & Assessment Outcomes – Number of findings during internal/external audits and % resolved within agreed upon timelines
  • Enterprise Onboarding Velocity measured by: 
    • Security Questionnaire Turnaround Time – Time from request to full execution, ultimately contributing to reduction in overall sales cycle time 
      • % of security/compliance questionnaires completed within SLA and without blocking deals
      • Automation Velocity → % of forms completed automatically through AI tooling vs manual input
  • Privacy & Data Protection measured by: 
    • Data Subject Request (DSR) SLA Compliance – % of data subject rights requests responded to within required timeframe            
    • Privacy Incident Response Time – Average time from detection to containment and notification (if required)  
    • Employee Privacy Training Completion – 100% of workforce trained annually on privacy and security practices

Key responsibilities… 

  • Risk Mitigation & Compliance Leadership 
    • Lead proactive, end-to-end compliance initiatives across the organization, driving adoption, operational excellence, and informed executive decision-making.
    • Build strong cross-functional collaboration with Research Ops, HR, Engineering, AI, Finance, and the Executive Team to embed privacy, security, and compliance into core operations.
    • Continuously monitor, assess, and report on compliance risks while providing strategic guidance and implementing effective controls to maintain program effectiveness.
  • Strategic Business Enablement by driving achievement in Net New Compliance Frameworks & Maintaining Existing Ones: 
    • Execute the necessary controls to procure and maintain agreed upon frameworks:
      • Current Frameworks: GDPR, SOC 2 Type II, HIPAA, COPPA
      • Future Frameworks: ISO 27001, Other Global Privacy & Security Requirements 
    • Serve as advisor to the executive team on determining which frameworks, security, privacy, and compliance needs to go after to drive business strategy forward and ultimately achieve company revenue goals 
  • Enterprise Customer & Vendor Onboarding
    • Effectively contribute to the reduction in sales cycle time by efficiently reviewing and completing infosec vendor onboarding requirements
    • Leverage and collaborate with Knit outside counsel when applicable to support vendor onboarding such as DPAs or other infosec requirements 
  • Office Compliance Lead: 
    • Serve as the compliance owner for Knit’s dedicated, in-person office space in NYC, ensuring workplace operations meet applicable safety, security, privacy, and facilities-related regulatory requirements, and coordinating necessary policies, training, and audits with HR and Business Operations
  • Driving Internal Knit Team Education:
    • Providing guidance to employees on compliance matters for both internal operations questions as well as customer-related questions
    • Writing and sending asynchronous annual compliance education to the organization
    • Conducting annual compliance requirements 

Required Skills & Experiences

  • Proven Track Record of 5+ years of Security, Compliance & Privacy Leadership for US-based, B2B SaaS companies, including experience in international privacy in EMEA and APAC 
    • Hands-on experience designing and maintaining compliance programs (e.g., ISO 27001, SOC 2, HIPAA) and acting as Data Protection Officer (DPO) or equivalent under GDPR/CCPA
    • Strong understanding of compliance, privacy, data security, and regulatory obligations for B2B SaaS companies serving Global Enterprise Customers
    • Professional certifications like Certified Compliance and Ethics Professional (CCEP) or Certified Regulatory Compliance Manager (CRCM) is a plus  
    • Specialized knowledge in market research technology is a plus
  • Proven Track Record of Strategic & Cross-Functional Collaboration
    • Track record of partnering with leadership and teams across product, security, finance, and operations to align compliance with business objectives.
    • Excellent communicator who can translate complex legal and regulatory requirements into practical, scalable processes.
  • Proficient in Drata
  • Highly independent and overcommunicative leader, who can distill complex challenges into clear communications to inform executive decision-making or drive their own decision-making 
  • High level of integrity and ethical standards
  • Adaptability to rapidly changing business needs with the ability to overcommunicate and overdocument along the way 
  • Extreme attention to detail and ability to manage multiple projects and stakeholders simultaneously

Benefits

Upon joining the Knit team, you will receive a competitive salary, Equity Options, Healthcare (medical, dental, and vision), and Additional Coverage, a company laptop and one-time, onboarding Technology Stipend, a 401(k) with company match, flexible time-off, hybrid working, and more!

Our Company Values

We are the Championship Team. This means we:

  • Are 1% better every day: We approach situations with a growth mindset and ask, “How can we make the business better?” and “What would it take?” 
  • Play to win: We set audacious goals and push ourselves to achieve them with a bias towards action  (When we see a need, we take initiative, and hold ourselves accountable to seeing it through).
  • Keep the main thing the main thing: Identify what has the biggest impact and prioritize to focus on it.
Share

Apply for this position

Required*
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status


Human Check*