Head of Enterprise Risk & Compliance

About The Job:

Not looking for a typical office gig?  Excited by the challenge of joining a tight-knit, high-performing team that has changed the way an industry works?  We’re looking for a hands-on person to impact how the live event industry operates and help us deliver killer software solutions for the likes of Ed Sheeran, Beyoncé, or the Vegas Golden Knights, and pretty much any significant live act in between.

As atVenu’s Head of Enterprise Risk and Compliance, you will be responsible for leading and executing the design, implementation and evaluation of the Company’s information security risk management processes and overall compliance program. We need someone with a pragmatic “figure it out” attitude and the ability to apply their skills directly to ensuring that we remain compliant in all aspects of our business. This includes legal and information security (e.g., GDPR) requirements as well as compliance programs such as SOC2 and PCI-DSS.

Who We Are & What We Do:

atVenu was founded in 2012 and has taken the merchandise industry by storm. Our hardware and software platform now boasts over 10,000 artists, and we help those artists manage more than 100,000 shows a year. We are the industry standard platform for the live music business, with clients such as Warner Music Group, Live Nation, AEG, Universal Music Group, Sony Music Group, and more, and are moving into adjacent markets fast!

Our products and solutions have helped artists, festivals, and venues sell merch and manage the chaos of live events and improve their bottom lines. Whether it’s helping with the day-to-day inventory of merch, providing a platform to collect payments, helping fans buy their favorite event shirt from their phones, or equipping teams with the hardware and setup requirements to allow an event to run smoothly, atVenu is dedicated to ensuring our customers have robust technology that “just works” in the most demanding environments.

Why Come Work For Us?

It’s fun! We have a great team of passionate, dedicated individuals that when put together move mountains and have changed the way an entire industry operates. We’ve accomplished a lot in a relatively small period of time thanks to the incredible people that make up the company and the positive energy within it.

We have a solid foundation with strong revenue growth year-over-year and the largest customers in the industry. These critical customers rely on us to solve their problems which continues to create more and more opportunity at a very fast pace!  We’re large enough to have very solid footing as a company, platform, and industry partner while still small enough in size for you to make an important impact with your expertise and enthusiasm.

We strongly believe in and support balance in your life; without it, both work and personal time suffer. We take very seriously our role in fostering an environment for you to achieve your definition of success and purpose. We want you to achieve whatever goals you have and want you to have fun in the process. Our customers love us, we love them, we’re making really cool stuff, we’re solving big problems, we have a ton of growth ahead of us… so come hang!

What You'll Be Doing:

  • Maintain and progress our SOC2 and PCI-DSS compliance by writing policy and control descriptions, making changes as/where needed to meet regulatory and internal audit requirements
  • Conduct interviews and process walkthroughs to understand control objectives, risks and controls associated with a process area under review
  • Analyze and correlate input from multiple sources. Use problem solving and critical thinking skills to quickly identify control deficiencies and assess their risk implications
  • Develop corrective actions and recommendations for improvement that are relevant and not excessively onerous for the business
  • Deliver employee training and awareness programs regarding information security and policies
  • Develop a roadmap for continued compliance with established policies and procedures
  • Track outstanding IT remediation items to ensure timely completion
  • Maintain familiarity with current and upcoming regulatory requirements and their impact on our business
  • Complete risk assessments to ensure compliance with corporate security policies, regulatory requirements and adherence to best practices

Your Experience & Skills:

  • Bachelor’s Degree  
  • Knowledge of the payment industry and its regulatory compliance landscape
  • A minimum of 5 years of direct experience in the payments industry, especially with regulatory and compliance matters like SOC2 and PCI-DSS
  • Able to prioritize and support an environment driven by customer service and teamwork
  • Outstanding communication skills, both oral and written
  • Works well under deadlines and in a fast-paced environment  
  • Works with a “no job too big or small” attitude
  • Willing to have fun while you work – we listen to music all day in the office!

Work Perks:

  • Competitive compensation in a supportive, team-based work environment  
  • Ticket allowance for attending your choice of live events (concerts, festivals, etc)
  • Gadget budget for items that enhance your entertainment enjoyment or technical curiosity such as headphones, home speakers, audio equipment, computer or gaming equipment, etc.
  • 100% company paid health benefits including health insurance, vision and dental [note: TBD Canada]
  • Annual bonus program and equity participation via incentive stock option plan
  • Company sponsored training and professional development
  • Fully remote, or if you’re in Calgary: a hybrid work environment with flexible balance of WFH and WFO


Remote (North American time zones) / Canada / Calgary

To Apply:

Send an email to careers@atVenu.com