1

Compliance Risk Management Jobs in Florida (NOW HIRING)

Compliance & Risk Manager

FL ยท On-site +1

$95K - $105K/yr

The Compliance & Risk Manager is responsible for managing and executing Blossom's compliance and ... Audit & Certification Management * Own the end-to-end SOC 2 Type II audit lifecycle: scope ...

Leads and executes compliance risk management activities to reasonably ensure compliance with the Enterprise Compliance Management Policy and Framework. ESSENTIAL DUTIES AND RESPONSIBILITIES ...

The Compliance and Risk Manager conduct internal audits, leads external and health plan audit ... Risk Management * Conduct enterprise risk assessments and maintain the organization's risk register.

Compliance Manager

Miami, FL ยท On-site

$120K/yr

The Compliance and Risk Manager conduct internal audits, leads external and health plan audit ... Risk Management * Conduct enterprise risk assessments and maintain the organization's risk register.

The Risk Management Director is responsible for the strategic oversight, execution, and continuous ... Ensure compliance with all applicable insurance regulations and internal policies. Maintain ...

Collaborate with legal and business unit teams to ensure contract compliance and documentation of ... Demonstrate working knowledge of risk management principles and insurance coverages, including ...

next page

Showing results 1-20

Compliance Risk Management information

See Florida salary details

$28.8K

$71.1K

$117.3K

How much do compliance risk management jobs pay per year?

As of Jul 13, 2026, the average yearly pay for compliance risk management in Florida is $71,070.00, according to ZipRecruiter salary data. Most workers in this role earn between $52,300.00 and $87,100.00 per year, depending on experience, location, and employer.

What is the highest paying job in compliance?

The highest paying roles in compliance often include Chief Compliance Officer (CCO) and Director of Compliance, with salaries exceeding $150,000 annually. These positions require extensive experience, leadership skills, and often industry-specific certifications such as Certified Compliance & Ethics Professional (CCEP).

What is the difference between Compliance Risk Management vs Compliance Analyst?

AspectCompliance Risk ManagementCompliance Analyst
CertificationsCertified Compliance & Ethics Professional (CCEP), Certified Risk Management Professional (CRMP)Certified Compliance & Ethics Professional (CCEP), Certified Regulatory Compliance Manager (CRCM)
Work EnvironmentFocuses on risk assessment, policy development, and strategic compliance planningConducts audits, monitors compliance, and reports findings
Employer & Industry UsageUsed in financial, healthcare, and corporate sectors for risk oversightCommon in financial services, healthcare, and regulatory agencies for day-to-day compliance tasks

Compliance Risk Management involves strategic oversight of compliance risks and policy development, while Compliance Analysts focus on executing compliance audits and monitoring. Both roles are essential but differ in scope and responsibilities within organizations.

Will compliance be replaced by AI?

Compliance risk management professionals use AI tools to automate data analysis, monitor regulations, and identify potential risks more efficiently. While AI can augment compliance functions, human oversight remains essential for interpreting complex regulations and making judgment-based decisions. AI is a complement, not a complete replacement, for compliance roles.

How does a Compliance Risk Management professional typically collaborate with other departments within an organization?

Compliance Risk Management professionals work closely with departments such as Legal, Internal Audit, Operations, and IT to ensure company policies and procedures meet regulatory requirements. They often coordinate cross-functional meetings to assess risks, develop mitigation strategies, and implement compliance training. This collaborative approach helps identify potential compliance gaps early and ensures the organization maintains a culture of ethical conduct and regulatory adherence. Effective communication and partnership with various teams are essential to proactively manage risks and respond to regulatory changes.

What are the key skills and qualifications needed to thrive in Compliance Risk Management, and why are they important?

To thrive in Compliance Risk Management, you need a solid understanding of regulatory requirements, risk assessment, and industry standards, often backed by a degree in law, finance, or a related field. Familiarity with compliance management systems, risk analysis tools, and certifications such as Certified Compliance & Ethics Professional (CCEP) or Certified Risk Manager (CRM) are typically required. Strong analytical thinking, attention to detail, and effective communication are vital soft skills for this role. These skills and qualifications help ensure organizations remain compliant, minimize risk exposure, and maintain their reputational integrity.

What is Compliance Risk Management?

Compliance Risk Management refers to the process of identifying, assessing, and mitigating risks that arise from failing to comply with laws, regulations, and internal policies. Professionals in this field ensure that organizations operate within the legal frameworks and ethical standards relevant to their industry. They develop policies, conduct audits, and provide training to reduce the risk of violations, which can lead to legal penalties, financial losses, or reputational damage. Effective compliance risk management helps organizations maintain trust with stakeholders and avoid costly regulatory issues.

Is compliance and risk management a good career?

Compliance risk management is a valuable career that involves ensuring organizations adhere to laws, regulations, and internal policies. It requires strong analytical skills, attention to detail, and often involves certifications like Certified Compliance & Ethics Professional (CCEP). The field offers opportunities across various industries with steady demand and potential for advancement.

What does a compliance risk manager do?

A compliance risk manager is responsible for identifying, assessing, and mitigating risks related to regulatory compliance within an organization. They develop policies, monitor adherence to laws and regulations, and implement controls to prevent violations, often using tools like compliance management software. Strong analytical skills and knowledge of industry regulations are essential for this role.
What are the most commonly searched types of Compliance Risk Management jobs in Florida? The most popular types of Compliance Risk Management jobs in Florida are:
What cities in Florida are hiring for Compliance Risk Management jobs? Cities in Florida with the most Compliance Risk Management job openings:
Infographic showing various Compliance Risk Management job openings in Florida as of July 2026, with employment types broken down into 1% As Needed, 79% Full Time, 14% Part Time, 2% Temporary, and 4% Contract. Highlights an 93% Physical, 2% Hybrid, and 5% Remote job distribution, with an average salary of $71,070 per year, or $34.2 per hour.
Compliance & Risk Manager

Compliance & Risk Manager

Blossom

FL โ€ข On-site, Remote

$95K - $105K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 12 days ago


Job description

Job Description
FLSA Classification: Exempt
Reports To: Chief Financial Officer (CFO)
Job Summary:
The Compliance & Risk Manager is responsible for managing and executing Blossom's compliance and risk management programs. Reporting to the CFO, this role oversees day-to-day compliance operations across all regulatory, security, and audit functions-including SOC 2 Type II, PCI DSS, and all compliance obligations associated with Blossom's hardware and software products while maintaining a risk management framework that identifies, tracks, and mitigates operational, financial, regulatory, and strategic risks. This role collaborates closely with Engineering, Product, Legal, HR, and Operations to support a culture of compliance and risk awareness across the organization. This role works in close partnership with the IT and Infrastructure function, which retains ownership of technical security controls, HSM/key management, and PCI Security; the Compliance & Risk Manager owns program management, audit coordination, the enterprise risk framework, and policy.
Supervisory Responsibilities:
  • Support the recruitment and onboarding of compliance and risk staff; provide day-to-day guidance and oversight to any direct reports within the function.

Duties/ Responsibilities:
Audit & Certification Management
  • Own the end-to-end SOC 2 Type II audit lifecycle: scope definition, control design, evidence collection, auditor coordination, and remediation tracking.
  • Lead PCI DSS compliance efforts across applicable business units, including scope management, gap assessments, and coordination with Qualified Security Assessors (QSAs).
  • Manage relationships with external auditors, assessors, and certification bodies; serve as primary point of contact during audit engagements.
  • Maintain a comprehensive controls inventory; ensure all controls are documented, tested, and operating effectively.
  • Track and manage audit findings and remediation plans through to closure in collaboration with control owners.

Enterprise Risk Management
  • Manage and maintain the enterprise risk management (ERM) framework, ensuring risks across operational, regulatory, financial, strategic, and technology domains are identified, assessed, prioritized, and tracked.
  • Maintain and update the company-wide risk register; coordinate with risk owners to ensure mitigation and remediation plans are tracked to resolution.
    • Conduct periodic enterprise risk assessments; summarize findings and risk trends for CFO review.
    • Collaborate with Product, Engineering, Finance, HR, and Operations to identify and flag risks associated with new initiatives, product launches, and process changes.
    • Support operational risk programs including business continuity planning (BCP), disaster recovery readiness, and incident response protocols in coordination with IT and Engineering.
    • Administer the third-party and vendor risk assessment process, evaluating vendors for security, financial stability, regulatory alignment, and contractual risk.
    • Monitor the evolving risk landscape-including emerging cyber threats, regulatory changes, and market developments-and flag potential impact to leadership.
    • Support the CFO in maintaining the company's risk appetite and tolerance thresholds; help ensure business decisions align with established risk parameters.
    • Respond to credit union client risk and security due diligence requests, including vendor questionnaires and risk assessments.
    • Maintain required risk documentation including the risk register, risk appetite statements, and reporting artifacts in a manner that supports executive review and external audit.

Regulatory & Policy Compliance
  • Monitor and interpret federal, state, and credit union-specific regulatory requirements applicable to Blossom's software and hardware products (e.g., NCUA guidance, FFIEC frameworks, GLBA, applicable state laws).
  • Maintain and update company-wide compliance policies, standards, and procedures; ensure alignment with regulatory requirements and industry best practices.
  • Conduct regular internal audits and control testing to evaluate compliance with applicable laws, regulations, and internal policies.

Hardware & Software Product Compliance
  • Ensure Blossom's hardware and software products comply with applicable regulatory standards, including security and interoperability requirements for financial technology solutions used by credit unions.
  • Collaborate with Product and Engineering teams to embed security and compliance requirements into the SDLC and hardware release processes.
  • Advise on compliance and risk implications of new product features, APIs, and data integrations with credit union core systems and third-party platforms.
  • Ensure the organization meets all data privacy requirements, including applicable provisions of state privacy laws and any credit union member data obligations.

Security Awareness & Training Oversight
  • Partner with HR to support compliance training integration into onboarding and ongoing employee development.
  • Promote a compliance- and risk-aware culture by supporting cross-functional teams with guidance on regulatory obligations and risk.

Oversee training completion tracking across mandatory platforms (e.g., NINJIO, Udemy Business) and ensure role-specific training obligations are met, including Swipe team PCI requirements.
  • Develop and deliver compliance communications, training materials, and policy updates to employees across all departments.
  • Coordinate with HR and department heads to ensure annual policy acknowledgments and required compliance certifications are completed on schedule.
  • Own the enterprise Security Awareness Training program, ensuring compliance with PCI DSS Requirement and other applicable mandates.

Reporting & Executive Partnership
  • Serve as a key point of contact for compliance and risk-related questions and escalations across the organization.
  • Provide regular updates to the CFO on the status of the compliance and risk programs, including audit outcomes, risk register updates, and remediation progress.
  • Prepare compliance metrics, risk dashboards, and audit findings summaries for CFO and executive review.
  • Coordinate with external auditors, regulators, and credit union compliance and risk stakeholders as the day-to-day point of contact.
  • Identify and escalate emerging compliance and risk issues to the CFO, with recommended mitigation steps and timelines.
  • Collaborate with Legal, Finance, HR, and Operations to support alignment of the compliance and risk programs with company strategy and growth objectives.
  • Performs other related duties as assigned.

Required Skills/ Abilities:
  • Deep knowledge of SOC 2 Trust Services Criteria (TSC) and experience leading or managing SOC 2 Type II audit engagements from preparation through report issuance.
  • Working knowledge of PCI DSS requirements and experience applying them within a fintech, payments, or software organization.
  • Familiarity with financial services regulatory frameworks including FFIEC, GLBA, NCUA guidelines, and applicable state consumer protection and data privacy laws.
  • Experience developing, implementing, and managing enterprise compliance policies, procedures, risk registers, and controls inventories.
  • Demonstrated experience building or managing an enterprise risk management (ERM) framework, including risk registers, risk appetite statements, and risk reporting.
  • Strong organizational and project management skills; able to manage multiple compliance and risk workstreams simultaneously with attention to detail.
  • Exceptional written and verbal communication skills; able to translate complex regulatory requirements into clear, actionable guidance for technical and non-technical audiences.
  • Experience partnering with Engineering and Product teams to embed compliance into software and product development processes.
  • Comfort with GRC platforms and risk management tools (e.g., Drata, Vanta, LogicGate, ServiceNow GRC, or similar).
  • High integrity, strong judgment, and the ability to operate as a trusted advisor to senior leadership.
  • Ability to navigate ambiguity and execute within a fast-growing fintech environment with evolving compliance and risk needs.
  • Proficiency with Google Workspace or Microsoft 365 and standard business productivity tools.

Education and Experience:
  • Bachelor's degree in Business, Finance, Legal Studies, Information Systems, or a related field required; Master's degree a plus.
  • Minimum 4+ years of progressive experience in compliance, risk management, audit, or related fields; experience within fintech, payments, or financial services strongly preferred.
  • 2 or more years of hands-on experience with SOC 2 audits (as preparer, auditee, or program contributor); experience with PCI DSS compliance strongly preferred.
  • 2 or more years of experience in a compliance, risk, or audit role with increasing responsibility, preferably in a growth-stage or mid-market company.
  • Prior experience working with or supporting credit unions, community financial institutions, or regulated financial services clients strongly preferred.
  • Experience supporting fintech, SaaS, or B2B technology companies serving regulated industries is a plus.
  • Relevant professional certifications strongly preferred: CISA, CISM, CRISC, CCEP, CIPP, CFE, or equivalent.

Physical Requirements:
  • Prolonged periods sitting at a desk and working on a computer.
  • Must be able to lift up to 15 pounds at times.

What We Offer:
  • Health, fully covered: Company-paid medical, dental, and vision insurance.
  • Life & AD&D: Company-paid life and accidental death & dismemberment coverage.
  • Income protection: Company-paid short- and long-term disability.
  • 401(k) with match: Save for the long run, and we'll match.
  • Remote allowance: Cell phone and internet connectivity expenses support.
  • Flexible spending: FSA and Dependent Care (DCSA) accounts to stretch your pre-tax dollars.
  • Unlimited PTO: Take the time you actually need.
  • Employee Assistance Program (EAP): Confidential support for life's harder moments.
  • Supplemental coverage: Voluntary insurance options to round out your plan.