SecurityComplianceManager

Tropic Square https://www.tropicsquare.com is building the world's first transparent, auditable security chip. Our engineering team knows how to build it. Now we need to make sure the company and the product meet the regulatory requirements that will define the market for the next decade. TROPIC02, our upcoming production chip, must comply with the EU Cyber Resilience Act, pass EUCC certification under the Common Criteria, and hold up to external audit. We have engaged a specialist advisory firm to provide the regulatory and certification expertise. What we need internally is a Security Compliance Manager who makes the transformation actually happen — owns the programme, drives execution across the company, and ensures nothing falls through the cracks between our engineering, legal, management, and external consultants. This is not a policy-writing role. It is a delivery role. 👉 WHAT YOU'LL DO - Own the compliance transformation programme. You’ll deliver Tropic Square's CRA compliance and EUCC certification programme end-to-end. You’ll build the master plan, set milestones, track progress, report to the CEO, resolve blockers, and re-plan when needed - Drive internal execution. Engineering teams documenting security architectures, process owners implementing SDL requirements, legal reviewing the Declaration of Conformity, operations setting up CSIRT procedures. You’ll coordinate them so everyone knows what is needed, by when, and why. You’ll own the internal action log and follow up relentlessly - Manage the advisory relationship. You’ll turn our external consultants’ recommendations on CRA, Common Criteria, IEC 62443, ISO 9001/27001/14001, and EUCC into clear internal tasks. You’ll ensure consultants get the inputs they need and challenge outputs that are missing, off-scope, or not fit for purpose - Coordinate across functions. Compliance transformation touches every part of the company: engineering, product, legal, finance, and leadership. You’ll run working group