Compliance Automation Engineer

Vercel

5d•$128,000 - $222,000•Hybrid

About The Position

We are looking for a a Compliance Automation Engineer to join our Governance, Risk, and Compliance (GRC) team. You will have the opportunity to enhance our global compliance posture and further our commitment to managing enterprise risk. Your role will be instrumental in ensuring that our company operates in accordance with security requirements and embodies an environment where it’s everyone’s responsibility. This role will report to the Head of GRC and help shape the next iteration of the GRC program and further embed data governance principles and compliance requirements into the business. If you’re based within a pre-determined commuting distance of one of our offices (SF, NY, London, or Berlin), the role includes in-office anchor days on Monday, Tuesday, and Friday. If you're located beyond that distance, the role is fully remote. For location-specific details, please connect with our recruiting team. Getting started: We want you to feel like part of the team early on! Our team will help integrate you into the company with explanations on our product, policies, processes, team structure and roadmap. We’re excited for you to learn, grow, and contribute right away! We trust that you’ll bring experience and knowledge that will uplift and up-level the team, but we don’t expect you to know everything on Day 1.

Requirements

Experience in scripting or automation with a focus on security, infrastructure, or GRC
Knowledge of audit processes, evidence requirements, and remediation actions for security and compliance frameworks (i.e., SOC 2, ISO 27001, PCI DSS)
Ability to write scripts and basic code to automate audit and evidence gathering processes
Ability to build API end points and command-line tools, work with structured data (JSON, CSV, YAML), and extract compliance-relevant information from security, IT, and GRC systems
Experience owning a project or scope, building relationships, collaborating with both technical and non-technical teams and driving initiatives to completion

Nice To Haves

Familiarity with data governance, compliance or software development tools and systems (e.g., Drata, Satori, Github, etc.)
Experience with frontend cloud, AI/ML systems, and open source development
Experience with FedRAMP or NIST frameworks, such as 800-53, 800-171, RMF
Security certifications (e.g. CISA, CISSP)

Responsibilities

Design and automate control testing and evidence collection to reduce manual effort and improve accuracy.
Build and maintain scripts and APIs across infrastructure, endpoints, and SaaS platforms (e.g., AWS, GitHub, Okta) that interface with compliance tooling.
Support recurring internal and external audits (i.e., SOC 2, ISO 27001, PCI DSS, etc.) by ensuring reliable control monitoring.
Champion security, compliance, data governance strategies and processes, including data deletion, data retention, data storage, and more.
Leverage AI/ML tools to improve efficiency and outcomes for GRC processes and overall compliance posture.
Define technical control requirements and collaborate with internal partners to embed compliance checks into CI/CD pipelines and infrastructure deployment workflows.

Benefits

Competitive compensation package, including equity.
Inclusive Healthcare Package.
Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
Flexible Time Off.
We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume