Compliance Engineer
Job in San Francisco, San Francisco County, California, 94199, USA
Listed on 2026-02-25
Listing for: Talently
Full Time position
Job specializations:
- IT/Tech
  Cybersecurity, Data Security
Job Description & How to Apply Below
Compliance Automation, Security Frameworks (SOC 2, ISO 27001, PCI DSS), Scripting & API Development, Cloud Platforms (AWS, SaaS), Data Governance
About the Company / The Opportunity:
Join a forward-thinking leader in the software industry as a GRC Automation Engineer on a mission to enhance global compliance and enterprise risk management.
This role offers the opportunity to shape the next evolution of a robust GRC program, embedding security and data governance principles into the heart of the business. You’ll collaborate across teams to drive automation, uphold the highest standards of compliance and ethics, and leverage advanced technologies to improve organizational security posture in a growing SaaS environment.
Responsibilities:
• Design and automate control testing and evidence collection to reduce manual effort and improve accuracy for compliance initiatives.
• Develop and maintain scripts and APIs across cloud infrastructure, endpoints, and SaaS platforms (e.g., AWS, GitHub, Okta) to interface with compliance tools.
• Support recurring internal and external audits (SOC 2, ISO 27001, PCI DSS) by ensuring reliable control monitoring and remediation.
• Champion security, compliance, and data governance strategies, including data deletion, retention, and storage processes.
• Leverage AI/ML tools to enhance efficiency and drive improvements in GRC processes and overall compliance posture.
• Define technical control requirements and collaborate with engineering teams to embed compliance checks into CI/CD and infrastructure deployment pipelines.
Must-Have Skills:
• Experience in scripting or automation focused on security, infrastructure, or GRC.
• Proficiency in building API endpoints and command-line tools; experience working with structured data formats (JSON, CSV, YAML).
• Solid understanding of audit processes, evidence requirements, and remediation for security and compliance frameworks (SOC 2, ISO 27001, PCI DSS).
• Ability to automate audit and evidence gathering procedures within cloud and SaaS environments.
• Strong collaboration skills, able to work effectively with technical and non-technical teams to drive GRC initiatives.
Nice-to-Have Skills:
• Familiarity with software development and compliance platforms (e.g., Drata, Satori, GitHub).
• Experience with AI/ML systems, open-source development, and frontend cloud technologies.
• Knowledge of federal security frameworks (such as FedRAMP or NIST, RMF).
• Security certifications (e.g., CISA, CISSP).
• Exposure to large-scale SaaS, cloud, or infrastructure environments with global reach.