Compliance Manager

Description

TrueNAS is redefining enterprise storage by delivering proven data resilience, performance, and flexibility without the complexity or constraints of legacy solutions. As the most deployed storage platform in the world, TrueNAS already powers critical data storage infrastructure for businesses, research institutions, and government agencies across 140+ countries and millions of users. Our mission is simple: to become the most trusted name in data storage.

Originally founded in Silicon Valley in 2002 under the name iXsystems, TrueNAS is a profitable, independent company with a culture rooted in trust, curiosity, technical excellence, and continuous improvement. Whether you work remotely or on-site, you’ll be part of a team that values collaboration and meaningful impact - where people come before profit, and bold ideas drive the future of data infrastructure.

If you’re ready to help shape the future of enterprise storage, we’d love to connect.

Position Overview: As the Compliance Engineer / Compliance Manager at TrueNAS, you will play a critical role in ensuring our products, systems, and business processes meet applicable global regulatory, cybersecurity, and industry standards. This position is responsible for developing, implementing, and maintaining compliance frameworks across hardware, software, security, and operational domains. You will work cross-functionally with Product Management, Engineering, IT, Operations, Supply Chain, Human Resources and Legal to ensure proactive compliance readiness while enabling innovation and growth.

This role requires strong technical understanding, regulatory expertise, and the ability to translate complex requirements into actionable, scalable business processes.

This is an in-office role based out of our Makati office. The schedule for this position is Monday - Friday | 10pm - 7am PHT.

Base Pay Range

The base pay range of this position is ₱114,755 to  ₱123,900 per month.  Additional compensation through the Incentive Bonus Program is available for this position after successfully completing 6-months of employment. 

Please note that the provided range reflects the pay spectrum for positions within the same job category as the one to which this position belongs. The final offer will consider various factors, such as location, education, and prior experience, to ensure a comprehensive and fair compensation assessment. 

TrueNAS offers a comprehensive package of benefits including health, dental, vision, paid time off, and stock options. 

Expected Posting Timelines

This position will be open for a minimum of 5 days, a maximum of 90 days.

The Day-to-Day

Quality Management System (QMS) & Standards Support

Assist in the ongoing development and maintenance of the corporate Quality Management System (QMS), ensuring alignment with ISO 9001 standards as a foundation for broader regulatory compliance

Coordinate the translation of ISO 9001 requirements into actionable internal policies, procedures, and work instructions for cross-functional teams in regulatory compliance.

Support organizational readiness for regulatory compliance, ISO 9001 certification audits and surveillance visits by organizing documentation, tracking non-conformances, and facilitating preparation activities.

Collaborate as a Quality & Compliance liaison on new process development project teams, providing guidance to ensure new workflows adhere to regulations and established ISO 9001 principles.

Product Regulatory Compliance

Lead compliance for global product certifications and regulatory approvals including CE, FCC, IC, CB Scheme, UL, TÜV, and related safety and EMC standards.

Coordinate and manage relationships with accredited test laboratories and certification bodies to ensure timely product launches.

Oversee product testing, certification submissions, technical construction files (TCF), Declarations of Conformity (DoC), and labeling requirements. 

Ensure ongoing compliance for hardware products throughout the product lifecycle, including design changes and new product introductions (NPI).

Partner with Product Management, Engineering and Supply Chain to obtain and validate required compliance declarations and component-level certifications from vendors.

Cybersecurity & IT Compliance Coordination

Act as the primary compliance liaison for IT and Engineering to define the scope and requirements for frameworks such as ISO 27001, NIST SP 800-171, CMMC 2.0, Cybersecurity Essentials Plus and SOC 2.

Coordinate the initial scoping, gap assessments, and readiness reviews, providing the roadmap for IT to execute technical control implementation

 Facilitate the development and maintenance of System Security Plans (SSP), Plan of Action and Milestones (POA&Ms), and supporting evidence repositories in collaboration with technical owners.

Monitor evolving cybersecurity and defense-related regulatory requirements (e.g., CMMC, DFARS, and FAR updates) and communicate organizational impacts to leadership.

Ensure that technical security work performed by IT meets the documentation and evidentiary standards required for successful third-party audits.

Environmental & Chemical Compliance

Ensure compliance with global environmental and chemical regulations including RoHS, REACH, WEEE, PPWR, PFAS, and related directives.

Support environmental management system initiatives and documentation aligned with ISO 14001.

Oversee material declarations, substance reporting, and environmental documentation across the product portfolio.

 Coordinate with suppliers and partners to ensure proper environmental certifications and disclosures are maintained.

Global Multi-Site Health & Safety Compliance Support

Assist in the oversight of Health and Safety (H&S) compliance across all global facilities (US, Philippines, and EU), ensuring that localized safety protocols align with both regional regulations and corporate standards.

 Support the monitoring and interpretation of evolving safety regulations (such as OSHA in the US, DOLE in the Philippines, and EU-HSA standards) to ensure the organization remains compliant as it scales into new regions.

Collaborate with local site leads to facilitate the documentation of risk assessments and safety audits, ensuring that all findings and corrective actions are centrally tracked within the corporate compliance framework.

Liaise with international teams to ensure consistent H&S reporting and documentation practices, providing a centralized compliance view of safety performance across the global organization.

 Support the development of standardized safety onboarding and training modules, ensuring they are adapted to meet the specific legal requirements of each operating region.

Risk Management & Governance

Identify, assess, and manage compliance-related risks across products, supply chain, cybersecurity, and operations.

 Develop and implement mitigation strategies and monitor risk treatment effectiveness.

Continuously monitor global regulatory changes and proactively assess their impact on TrueNAS products and operations.

Navigate through new or unknown regulations, performing initial research and defining compliance pathways for emerging markets or requirements.

Engage and manage external consultants, legal advisors, and third-party experts to bridge knowledge gaps or support complex certification efforts.

Serve as the primary point of contact for third-party auditors, certification bodies, and regulatory agencies during assessments.

Audit & Compliance Program Management

Plan, coordinate, and lead internal and external compliance audits and certification assessments.

Conduct internal compliance reviews and risk-based assessments to ensure ongoing organizational readiness.

Lead corrective and preventive action (CAPA) efforts in response to audit findings, ensuring cross-functional owners complete required remediations

 Maintain centralized documentation, evidence repositories, and compliance records in accordance with regulatory and QMS requirements.

Cross-Functional Collaboration & Enablement

Partner with Engineering, IT, Operations, Legal, Sales, and Support to ensure compliance requirements are clearly understood and operationalized.

Support customer compliance inquiries, including RFPs, RFQs, security questionnaires, and due diligence requests.

Provide regulatory impact analysis for new products, features, markets, and supply chain changes.

Promote a culture of compliance awareness, accountability, and continuous improvement throughout the

organization.

Education and Experience

We have identified the following programs, experience, and knowledge that have helped others find success in this role at TrueNAS. We understand, though, that knowledge comes from many forms of learning and experiences. Above all, we consider a person’s potential impact in the role and value their unique path to this point in their career.

Bachelor’s degree in Engineering, Information Security, Regulatory Affairs, Environmental Science, Quality, or a related technical field, or equivalent professional experience.

 Minimum 5–8 years of experience in regulatory compliance, product certification, cybersecurity compliance, or a related governance role within a technology, hardware, or manufacturing environment.

 Experience working within an ISO 9001-certified environment, with familiarity in structured document control, corrective action processes, and audit readiness practices.

Demonstrated experience managing global product certifications (e.g., CE, FCC, UL, TÜV) and coordinating with accredited test laboratories.

Experience supporting or coordinating compliance efforts for ISO 27001, NIST 800-171, CMMC 2.0, CE +, SOC2, or similar frameworks.

Experience leading or supporting external audits and third-party assessments, including managing corrective action plans.

Experience working cross-functionally with Engineering and IT teams to scope and coordinate compliance initiatives.

Professional certifications such as CISA, CISSP, CISM, ISO 9001/27001/14001 Lead Auditor, Certified Compliance & Ethics Professional (CCEP), or similar are a plus.

Equal Employment Opportunity:

iXsystems DBA TrueNAS, Inc. provides equal employment opportunities to all employees and applicants in all company facilities without regard to race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental and intellectual disability, age, military status or status as a Vietnam-era or special disabled veteran, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer-related or HIV/AIDS-related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.