Abuse & Compliance Manager

About the Role

We are seeking a highly skilled and proactive Abuse & Compliance Manager with a strong background in security, DevOps, and system administration. In this role, you will be responsible for identifying and responding to abuse incidents, ensuring compliance with relevant regulations and internal policies, and supporting the infrastructure with system-level knowledge.
This role requires both investigative and technical capabilities, allowing you to work across compliance, infrastructure, and operations.

Key Responsibilities
Monitor, investigate, and resolve abuse reports such as spam, phishing, malware, copyright violations, and unauthorized usage.
Analyze logs and conduct IP tracing, DNS queries, and reputation checks.
Work with third-party abuse reporting platforms such as: Spamhaus – Anti-spam blocklist service, AbuseIPDB – Crowd-sourced malicious IP database, ARIN (American Registry for Internet Numbers) – IP and ASN registry
Ensure compliance with: GDPR (General Data Protection Regulation) – EU data protection law, DMCA (Digital Millennium Copyright Act) – US copyright law, CAN-SPAM – US law regulating commercial emails, AUP (Acceptable Use Policy) – Internal service usage guidelines
Utilize security tools and automation such as: Fail2ban – Intrusion prevention tool, CSF (ConfigServer Security & Firewall) – Server firewall and security suite, ModSecurity / WAF (Web Application Firewall) – Protection against web-based attacks
Implement and maintain abuse response and mitigation processes.
Create internal documentation and compliance reports.
Train internal teams on abuse handling and compliance best practices.
Write and maintain automation scripts (Bash, Python, or equivalent).
Support incident response processes and forensic investigations when needed.

Requirements
Proven experience in abuse handling, compliance, and/or trust & safety roles.
Strong knowledge of:
Internet protocols: DNS, HTTP, SMTP
Server log analysis
Abuse types: spam, phishing, port scanning, brute force
Familiarity with international compliance and data protection laws.
Solid experience with Linux systems, security tools, and DevOps pipelines.
Excellent verbal and written communication in English.
Strong attention to detail and analytical thinking.
Experience in incident response or cyber threat intelligence.
Excellent communication, documentation, and stakeholder management skills.

Nice to Have
Previous experience in abuse handling at:
-Hosting providers (shared/VPS/cloud environments)
-Domain registrars or CDN providers
Familiarity with web hosting environments and tools.
Understanding of common abuse cases in hosting
Use CI/CD tools (e.g., GitHub Actions, Jenkins, GitLab CI) to integrate automated security checks.
Manage and monitor Linux-based systems and cloud infrastructure.
Configure and manage firewalls, access controls, and server hardening techniques.
Analyze system logs and metrics to proactively identify vulnerabilities or suspicious behavior.
Show more Show less