Security Compliance Manager

Tropic Square is building the world's first transparent, auditable security chip. Our engineering team knows how to build it. Now we need to make sure the company and the product meet the regulatory requirements that will define the market for the next decade.

### What You'll Do - **Own the compliance transformation programme.** You’ll deliver Tropic Square's CRA compliance and EUCC certification programme end-to-end. You’ll build the master plan, set milestones, track progress, report to the CEO, resolve blockers, and re-plan when needed. - **Drive internal execution.** Engineering teams documenting security architectures, process owners implementing SDL requirements, legal reviewing the Declaration of Conformity, operations setting up CSIRT procedures. You’ll coordinate them so everyone knows what is needed, by when, and why. You’ll own the internal action log and follow up relentlessly. - **Manage the advisory relationship.** You’ll turn our external consultants’ recommendations on CRA, Common Criteria, IEC 62443, ISO 9001/27001/14001, and EUCC into clear internal tasks. You’ll ensure consultants get the inputs they need and challenge outputs that are missing, off-scope, or not fit for purpose. - **Coordinate across functions.** Compliance transformation touches every part of the company: engineering, product, legal, finance, and leadership. You’ll run working groups, prepare CEO decision materials, align stakeholders on priorities, and keep everyone ahead of upcoming requirements, risks, and decisions. - **Track risks, costs, and decisions.** You’ll maintain a live view of the programme's risk register, budget consumption, and open decisions. You’ll surface issues early and frame them clearly: what is the risk, what are the options, what is your recommendation. You do not wait to be asked.

### Who You Are You may come from programme management, consulting, operations, or a technical role where you ended up driving the project. What matters: - **You get things done without formal authority.** You’ve coordinated cross-functional programmes before, you can build trust quickly, keep busy stakeholders aligned, escalate without burning bridges, and make it easy for others to do what you need them to do. - **You can manage expert advisors without being one yourself.** You know how to work with consultants: ask sharp questions, challenge outputs constructively, and turn their recommendations into internal action without losing anything in translation. - **You are structured and persistent.** Complex programmes with many moving parts don't intimidate you — they motivate you. You maintain clarity on what needs to happen, who owns it, and by when. Details do not fall through the cracks. - **You communicate up and across with equal ease.** You can prepare a clear and concise executive summary for the CEO and discuss technical topics with engineers in a way that builds trust. You understand that how you communicate is just as important as the message itself. - **You learn fast.** You don't need to be a certification expert and you don’t need to know AVA_VAN.3 on day one, but you can quickly understand CRA, Common Criteria, IEC 62443, and ISO standards well enough to manage the programme.

### Why Join Us - **Ownership:** You’ll run one of Tropic Square's most strategic programmes. Its outcome directly affects when TROPIC02 can go to market. - **Direct access:** You’ll report directly to the CEO. No bureaucratic layers. You have the mandate and the visibility to make things happen. - **A genuinely hard problem:** CRA compliance and EUCC certification for a hardware security product are among the most complex regulatory challenges in the industry at the moment. It requires programme management at its best. - **The team:** You’ll work alongside the founders behind Trezor and a world-class engineering team for whom security is not a marketing message — it is a way of thinking.

SatoshiLabs is a Czech technology holding company that develops hardware and software innovations in cryptocurrency and open-source security, including the world's first cryptocurrency hardware wallet Trezor. It focuses on bitcoin-first solutions for self-sovereignty, digital security, and decentralized finance, with products like Trezor wallets, Tropic Square secure chips, and other crypto tools serving users worldwide.