About the Role

You will own compliance and GRC initiatives to ensure security and trust for customers. You will develop and implement controls, gather audit evidence, run risk assessments, and respond to due diligence requests. You will maintain mappings to frameworks and help shape security programs.

Requirements

- Experience with Python or other programming and scripting languages is required
- Strong understanding of public sector compliance standards, including NIST 800-53, SOC 2, CMMC, ISO 27001, and CyberEssentials UK
- Experience leading a cloud-first SaaS company through the audit process
- Privacy and GDPR experience is a plus
- Security certifications such as CISSP or CISM are a plus

Responsibilities

- Develop scalable controls and evidence collection processes, and monitor control effectiveness
- Manage the compliance and certification lifecycle, including SOC 2 Type II, ISO 27001/27701, FedRAMP, and CMMC
- Operationalize the GRC program to maintain certifications
- Develop and maintain security collateral for customers, such as SIG and CAIQ
- Conduct enterprise risk assessments and maintain the risk registry
- Develop a vendor risk management program
- Identify areas for improvement based on input from customers and business objectives

TRM Labs