COMPANY OVERVIEW

About Built

Built is the AI-powered platform transforming the way real estate is financed developed and managed. Purpose-built for real estate and construction Built began by fixing construction draw management for lenders and has grown into a comprehensive operating system addressing some of the industrys most complex challenges. Through its connected product suite Built enables stakeholders to finance develop build own and operate smarterall in one place. The platform brings together loans deals portfolios payments inspections and collaboration to deliver faster execution greater transparency efficiency and trust across the industry.

Today Built is a partner to more than 350 lenders over 80000 borrowers and owners and thousands of contractors powering 86000 active projects valued at more than $300 billion. Learn more at :

• Life At Built & Habitat Build
• Series D Financing Round
• Built Recognized in Two American Business Award Categories
• Built Secures Investment from Citi

Risk & Compliance Manager

Department: Information Security & Risk

We are seeking a Risk & Compliance Manager who thrives at the intersection of security compliance operations risk management and cross-functional collaboration. This role is both strategic and hands-on owning key components of Builts SOC program client assurance processes and ongoing governance responsibilities across the organization.

Role Overview

The Risk & Compliance Manager supports and maintains Builts security and compliance posture by managing external audits client due diligence engagements compliance tooling and recurring risk and controls activities. This highly visible role works closely with teams across Security IT Engineering Product Payments HR and Operations to ensure Built remains audit-ready and aligned to industry and regulatory expectations. This is an individual contributor role with no direct people management responsibilities.

Key Responsibilities

Client Due Diligence & External Assurance

• Respond to and manage client security assessments questionnaires and due-diligence requests.
• Provide compliance documentation and evidence through Builts Trust Center.
• Participate in client review meetings and coordinate internal follow-ups as needed.

SOC 1 & SOC 2 Audit Program Management

• Coordinate the full lifecycle of Builts annual SOC 1 and SOC 2 audits including evidence collection stakeholder scheduling and auditor communication.
• Maintain Builts control environment within Drata and ensure ongoing audit readiness.

Trust Center Ownership

• Administer Builts Trust Center (Conveyor) ensuring documents policies and audit materials are accurate and up-to-date.
• Manage client access requests and support users with navigation and content inquiries.

Payments Compliance Support

• Support annual payments compliance activities (e.g. AML/Sanctions training Nacha audit) in partnership with external consultants and internal stakeholders.
• Conduct periodic internal reviews of payments processes to ensure adherence to policies and partner expectations.

Policy & Documentation Governance

• Manage the lifecycle of Builts policies and procedures ensuring updates annual reviews and publication to the Trust Center.
• Maintain core compliance documentation including audit records incident logs attestations and internal reporting.

Compliance Controls & Operational Oversight

• Support ongoing monitoring and upkeep of compliance and security controls across the organization.
• Track and coordinate recurring compliance tasks managed through Jira automations.

Training & Awareness Programs

• Partner with Learning & Development to manage annual and onboarding compliance/security training and ensure completion across the organization.

Vendor & Risk Management

• Participate in vendor reviews within the procurement process and maintain the Significant Vendor Index.
• Support the annual enterprise risk assessment and track mitigation activities.

Privacy & Data Requests

• Manage inbound data subject access requests (DSARs) and coordinate responses in alignment with regulatory and internal requirements.

Qualifications

• 7-8 years of experience in security compliance audit readiness or risk management.
• Hands-on experience with SOC 2 or similar frameworks (ISO 27001 PCI SOX).
• Strong understanding of control requirements and evidence validation.
• Excellent communication and documentation skills.
• Experience with compliance platforms such as Drata Vanta AuditBoard or similar.
• Ability to manage multiple concurrent projects deadlines and stakeholders.

Preferred

• Experience in fintech SaaS or other regulated industries.
• Knowledge of payments compliance (AML sanctions ACH/Nacha).
• Experience supporting client due-diligence engagements.
• Familiarity with security and risk frameworks (NIST CIS SOC).
• Experience with Conveyor Jira and vendor management tools (Zip).

What Youll Bring

• Strong organizational and analytical skills with exceptional attention to detail.
• Ability to translate compliance requirements into clear actionable guidance.
• A collaborative mindset and comfort working across technical and non-technical teams.
• A proactive approach to identifying risks gaps and opportunities for improvement

Builts salary range for this position is $90000 - $140000 USD per year. The pay range is designed to accommodate upward mobility in the role therefore it encompasses the full span of proficiency levels for this role and we believe that the midpoint of the range is competitive in the market. Salary is just one component of Builts total compensation package for employees. Your total rewards package at Built will include equity top-notch medical dental and vision coverage an unlimited PTO policy and other benefits.

Perks:

• The rare opportunity to radically disrupt a $1.5T industry
• Competitive benefits including: uncapped vacation health dental & vision insurance
• 401k with match and expedited vesting
• Robust compensation package including equity in the form of stock options
• Flexible working hours paid family leave ERGs & Mentorship opportunities
• Learning grant program to support ongoing professional development

Built brings together passionate people who are driven in a variety of disciplines each bringing their unique perspective to everything they do.

Were committed to building a safe inclusive workplace where every employee can succeed and we recruit hire and promote fairly - without bias based on race color religion sex sexual orientation gender identity marital status veteran status or any other characteristic protected by law.

Greenhouse Disclosure

When you apply to a job on this site the personal data contained in your application will be collected by Built Technologies (Controller). Your personal data will be processed for the purposes of managing Controllers recruitment related activities which include setting up and conducting interviews and tests for applicants evaluating and assessing the results thereto and as is otherwise needed in the recruitment and hiring processes.

Your personal data will be shared with Greenhouse Software Inc. a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controllers behalf.

Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for current or future employment. You have the right to request access to your personal data to request that your personal data be rectified or erased and to request that processing of your personal data be restricted. You also have to right to data portability.

If you would like to contact Controller to ask questions surrounding processing of your personal data or to make a request you can send an email to.

For California residents: Please note that Controller does not sell your personal data or share it with third parties outside of Greenhouse Software Inc.