Associate Manager, IT Compliance

As Warby Parker continues to scale, so does our responsibility to uphold strong compliance practices across our technology systems. We're on the lookout for an Associate Manager, IT Compliance-a critical position focused on owning and maturing the compliance functions within our Identity & Access Management team.

In this role, you'll take the lead on preparing for SOX access and change management reviews, supporting PCI, NIST, and HIPAA assessments, and ensuring that our systems and processes are always audit-ready. You'll collaborate across Tech Services and serve as the main point of contact between our team and GRC, Internal Audit, and External Audit partners. Sound like your cup of tea (or coffee, or yerba mate)? Keep reading!

What you'll do:

• Act as the primary liaison between the Tech Services team and GRC, Internal Audit, and External Audit groups
• Manage IT General Controls (ITGCs) assigned to Tech Services, ensuring they are designed, implemented, and executed effectively
• Prepare and coordinate responses for SOX user access and change management reviews, including evidence collection and documentation
• Support compliance efforts for PCI DSS (including the annual AOC process) and HIPAA risk assessments
• Maintain accurate and up-to-date documentation of IT controls, procedures, and remediation efforts
• Translate compliance and regulatory requirements into actionable technical controls and workflows
• Track and report on the status of compliance activities, findings, and remediation within Tech Services
• Partner with IT Engineering and Security teams to align on compliance priorities and timelines
• Contribute to continuous improvement efforts that strengthen audit readiness, automation, and risk mitigation
• Participate in the development of long-term compliance strategies and help to define scalable practices as the function grows

Who you are:

• Backed by 3+ years of experience in IT compliance, IT audits, or GRC within a technical or enterprise environment
• Equipped with a working knowledge of regulatory frameworks such as SOX, HIPAA, PCI DSS, CCPA, and NIST
• Familiar with ITGCs, particularly around access controls, change management, and operations
• Highly organized and detail-oriented-able to manage audits and evidence with precision
• Skilled at translating technical details into clear, actionable documentation
• A confident communicator who can work across teams and levels of technical knowledge
• Eager to take ownership, grow within a scaling organization, and help shape the future of IT compliance at Warby Parker

Extra credit:

• Experience with identity providers, ITSM platforms, access provisioning, or authentication systems
• Compliance-related certificates such as CISA, Security +, CISSP, etc.

Some benefits of working at Warby Parker for full-time employees:

• Health, vision, and dental insurance
• Life and AD&D Insurance
• Flexible vacation policy
• Paid Holidays
• Retirement savings plan with a company match
• Parental leave (non-birthing parents included)
• Short-term disability
• Employee Assistance Program (EAP)
• Bereavement Support
• Education Reimbursement
• Free eyewear
• And more (just ask!)