• Deliver project plan and manage resources and progress to the project plan. • Perform GRC technical and functional duties as required by SafePaaS clients. • Setup internal controls environment based on SafePaaS client requirements. • Perform risk assessments. • Develop project plan and deliverables. • Perform testing and evaluation of controls. • Design and conduct internal audit test plans and write reports. • Perform business analyst tasks in order to deliver solutions that meet client needs. • Contribute to a strong client relationship through interactions with client personnel. • Understand engagement as it relates to client's business. • Demonstrate and apply knowledge in areas of industry or functional specialty. • Assume responsibility for client engagements. • Perform functional knowledge transfer to both clients and the employees within the organization. • Lead engagement planning and ensuring that products/deliverables meet contract/work plan. • Undertake all required administrative tasks to manage client engagements. • Mentor staff consultants in related areas. • Deliver presentations to clients. • Actively participate on sales calls to clients and prospective clients. • Assist in business development activities by aiding in the creation of proposals and performing needs analysis tasks. • Estimate time and cost required to accomplish a project. • Arrange specification meetings with project team workers to determine scope and limitations of projects. • Recognize and communicate opportunities to sell 'add-on' work to clients. • Contribute to a positive team attitude. • Contribute to SafePaaS Insight research to maintain thought leadership in the GRC area.

About Airwallex Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 200,000 businesses worldwide - including Brex, Rippling, Navan, Qantas, SHEIN and many more - with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale. Proudly founded in Melbourne, we have a team of over 2,000 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$8 billion and backed by world-leading investors including T. Rowe Price, Visa, Mastercard, Robinhood Ventures, Sequoia, Salesforce Ventures, DST Global, and Lone Pine Capital, Airwallex is leading the charge in building the global payments and financial platform of the future. If you're ready to do the most ambitious work of your career, join us. Attributes We Value We hire successful builders with founder-like energy who want real impact, accelerated learning, and true ownership. You bring strong role-related expertise and sharp thinking, and you're motivated by our mission and operating principles. You move fast with good judgment, dig deep with curiosity, and make decisions from first principles, balancing speed and rigor. You're humble and collaborative; turn zero-to-one ideas into real products, and you "get stuff done" end-to-end. You use AI to work smarter and solve problems faster. Here, you'll tackle complex, high-visibility problems with exceptional teammates and grow your career as we build the future of global banking. If that sounds like you, let's build what's next. About the team The Legal, Risk & Compliance (LRC) team at Airwallex is a collaborative group of legal minds and risk management experts. We're passionate about safeguarding Airwallex's operations, fostering a culture of compliance and ethical conduct, and ensuring we navigate the global financial landscape with integrity. We provide expert guidance and support to all areas of the business, proactively identifying, mitigating, and managing legal and financial risks. What you'll do We are hiring a Compliance Manager, FCC to oversee the execution of our day-to-day financial crime compliance operations in the United States. In this role, you will work closely with the US Deputy BSA Officer, managing the local execution of our compliance program. You will ensure accurate reporting, robust transaction monitoring, and operational adherence to the Bank Secrecy Act (BSA), the USA PATRIOT Act, and relevant State Money Transmission Laws. Who you are We're looking for people who meet the minimum qualifications for this role. The preferred qualifications are great to have, but are not mandatory. Responsibilities - Operational Management: Lead the day-to-day AML/CTF operations, including the oversight of customer onboarding (KYC/KYB), sanctions screening, and transaction monitoring alerts - SAR Preparation: Investigate suspicious activity and draft Suspicious Activity Reports (SARs) for review and submission by the BSA Officer - Program Implementation: Assist the BSA Officer in localizing global policies for the US market and ensuring controls are effectively implemented across the business - Regulatory Reporting: Oversee the accurate and timely preparation of reports to FinCEN and assist in gathering data for state regulatory examinations - Enhanced Due Diligence (EDD): Conduct deep-dive reviews on high-risk customers and complex business structures, providing recommendations to senior compliance leadership - Audit & Exam Support: Act as a key point of contact for gathering documentation and data during internal audits and state regulatory exams (e.g., NYDFS, CA DFPI) - Training: Deliver BSA/AML training to local sales and support teams and serve as the subject matter expert for internal staff inquiries - Policy Maintenance: Ensure local desk procedures and operational manuals are kept up to date with changing US federal and state regulations Minimum qualifications: - Experience: 6-8 years of financial crime/AML experience in US fintechs, MSBs, or payments companies - Regulatory Knowledge: Deep working knowledge of FinCEN regulations, the BSA, OFAC sanctions, and the USA PATRIOT Act - Operational Expertise: Proven track record in managing transaction monitoring workflows, clearing sanctions hits, and conducting EDD - Reporting: Experience drafting SAR narratives and managing regulatory reporting queues - Stakeholder Management: Strong skills to work with product, operations, and audit teams - Autonomy: Comfortable in high-autonomy, fast-paced environments, able to make operational decisions quickly Preferred qualifications: - Licensing Exposure: Familiarity with NMLS and State Money Transmitter License (MTL) reporting requirements - Certifications: CAMS or CFE - Language: Fluency in English is required; Spanish proficiency is considered an asset - Technical Aptitude: SQL/data skills for independent reporting and analysis Applicant Safety Policy: Fraud and Third-Party Recruiters To protect you from recruitment scams, please be aware that Airwallex will not ask for bank details, sensitive ID numbers (i.e. passport), or any form of payment during the application or interview process. All official communication will come from an @airwallex.com email address. Please apply only through careers.airwallex.com or our official LinkedIn page. Airwallex does not accept unsolicited resumes from search firms/recruiters. Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s). Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary. Equal opportunity Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don't regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know. #BI-Hybrid

About Airwallex Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 200,000 businesses worldwide - including Brex, Rippling, Navan, Qantas, SHEIN and many more - with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale. Proudly founded in Melbourne, we have a team of over 2,000 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$8 billion and backed by world-leading investors including T. Rowe Price, Visa, Mastercard, Robinhood Ventures, Sequoia, Salesforce Ventures, DST Global, and Lone Pine Capital, Airwallex is leading the charge in building the global payments and financial platform of the future. If you're ready to do the most ambitious work of your career, join us. Attributes We Value We hire successful builders with founder-like energy who want real impact, accelerated learning, and true ownership. You bring strong role-related expertise and sharp thinking, and you're motivated by our mission and operating principles. You move fast with good judgment, dig deep with curiosity, and make decisions from first principles, balancing speed and rigor. You're humble and collaborative; turn zero-to-one ideas into real products, and you "get stuff done" end-to-end. You use AI to work smarter and solve problems faster. Here, you'll tackle complex, high-visibility problems with exceptional teammates and grow your career as we build the future of global banking. If that sounds like you, let's build what's next. About the team The Legal, Risk & Compliance (LRC) team at Airwallex is a collaborative group of legal minds and risk management experts. We're passionate about safeguarding Airwallex's operations, fostering a culture of compliance and ethical conduct, and ensuring we navigate the global financial landscape with integrity. We provide expert guidance and support to all areas of the business, proactively identifying, mitigating, and managing legal and financial risks. What you'll do As the Director of Compliance Monitoring and Oversight, you will be the global architect of Airwallex's "Second Line of Defense" assurance function. You will lead a small, high-performing international team responsible for validating the effectiveness of our financial crime controls across all regions and products. While we have a robust foundation in place, this role is about taking our assurance capabilities to the next level. You will be responsible for maturing our global monitoring framework to ensure it is scalable, data-driven, and aligned with the complexities of our rapidly expanding footprint. You will move beyond box-ticking to provide strategic insights on control health to the Board and Senior Management, helping the business grow safely and sustainably. The role is based in San Francisco. Responsibilities - Global framework strategy: Own the strategic evolution of the Compliance Monitoring and Oversight framework. You will refine our global methodology for testing, sampling, and reporting to ensure it remains best-in-class and responsive to new regulatory expectations - Team leadership: Lead, mentor, and develop a global team of monitoring specialists. You will foster a culture of curiosity, rigor, and objective challenge - Annual assurance planning: Design and execute the Annual Compliance Monitoring Plan. You will utilize a dynamic, risk-based approach to prioritize testing activities across high-risk products, jurisdictions, and operational processes - Insight & reporting: Translate complex testing results into high-impact, actionable intelligence. You will provide regular reporting to the FCC and company leadership, highlighting trends, systemic issues, and remediation progress - Stakeholder partnership: Act as a strategic partner to Regional MLROs and First Line Operational leads. You will ensure that monitoring findings are constructive, clearly understood, and that remediation plans are practical and effective - Data-driven assurance: Drive the transition towards continuous monitoring and automated testing. You will champion the use of data analytics to identify risk trends that manual sampling might miss - Regulatory readiness: Ensure the monitoring program is audit-ready at all times and capable of standing up to scrutiny from top-tier global regulators (e.g., FCA, AUSTRAC, NY DFS, MAS) Who you are We're looking for people who meet the minimum requirements for this role. The preferred qualifications are great to have, but are not mandatory. Minimum qualifications: - 12+ years of experience in Compliance Assurance, Internal Audit, or Regulatory Testing within the financial services or fintech sector - Significant experience managing international teams, with a track record of developing senior talent (e.g., managing managers) - You can see the big picture. You know how to pivot a monitoring program from a manual, transactional model to a strategic, risk-based assurance model - Deep understanding of testing methodologies (design effectiveness vs. operating effectiveness), sampling strategies, and root cause analysis - Exceptional executive presence. You are comfortable presenting "bad news" constructively to C-level executives and driving consensus on remediation - Experience working across multiple regulatory jurisdictions (e.g., US, UK/EU, APAC) and understanding the nuances of differing regulatory expectations Preferred qualifications: - Previous experience in a Big 4 or Internal Audit function is highly desirable - Experience with SQL, Tableau, or other data visualization tools to drive continuous monitoring initiatives - Relevant professional certifications (e.g., CIA, CAMS, ICA Diploma in GRC) Applicant Safety Policy: Fraud and Third-Party Recruiters To protect you from recruitment scams, please be aware that Airwallex will not ask for bank details, sensitive ID numbers (i.e. passport), or any form of payment during the application or interview process. All official communication will come from an @airwallex.com email address. Please apply only through careers.airwallex.com or our official LinkedIn page. Airwallex does not accept unsolicited resumes from search firms/recruiters. Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s). Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary. Equal opportunity Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don't regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know. #BI-Hybrid

• Design, deploy, and manage Microsoft Purview Data Loss Prevention (DLP) policies across Exchange Online, SharePoint Online, OneDrive, Teams, and endpoint workloads. • Implement and maintain Microsoft Purview sensitivity labels, including label taxonomy, protection settings, encryption, and user experience alignment. • Configure and enforce auto-labeling and trainable classifiers to identify and protect CUI, export-controlled data, and other regulated data types. • Integrate DLP and labeling controls with Conditional Access, endpoint controls, and Defender workloads to support defense-in-depth. • Tune DLP policies to balance compliance enforcement with business usability, minimizing false positives while maintaining audit integrity. • Support audit readiness and evidence collection, including documentation of DLP configurations, labeling schemas, policy enforcement, and control mappings to NIST 800-171 and CMMC practices. • Collaborate with compliance, security operations, and engineering teams to remediate data handling gaps identified through assessments, audits, or incident response activities.