Security Compliance Engineer

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience). 2+ years of experience in technical GRC, compliance automation, or security engineering roles. Knowledge of industry frameworks such as NIST, ISO 27001, COBIT, or CIS Controls. Understanding of various technologies used meet compliance objectives. Strong analytical, problem-solving, and documentation skills. Excellent communication and collaboration skills. Experience with GRC tools (e.g., Archer, ServiceNow GRC, OneTrust). Basic programming or scripting skills (e.g., Python, Bash) and familiarity with APIs. Working knowledge of AWS and cloud security controls.

Serve as a technical SME for compliance automation and integration efforts. Design and implement automated workflows for evidence collection and control monitoring. Expand and optimize the capabilities of the compliance platform through technical configuration and integration. Develop and maintain dashboards to visualize compliance posture and key risk indicators. Integrate GRC tools with cloud platforms and internal systems using APIs and scripting. Collaborate with product, engineering, and security teams to implement technical controls. Conduct gap analysis and support implementation of new compliance frameworks. Monitor compliance with internal controls and external regulatory requirements (e.g., ISO 27001, NIST, SOC 2, GDPR, HIPAA). Stay current with emerging technologies, regulations, and best practices in compliance automation.