Technology Control Automation Specialist

About The Position

Requirements

• Bachelor's degree or equivalent experience.
• 3–5+ years in developing AI agents, cybersecurity, GRC, compliance operations, or DevSecOps.
• Experience with enterprise AI tools and GRC and compliance automation platforms (e.g., Anecdotes, ServiceNow, Auditboard, Drata, Vanta, Safebase).
• Strong experience in technology risk management, cybersecurity, or compliance
• Experience integrating governance gates into CI/CD and MLOps pipelines
• Strong knowledge of security frameworks and standards (e.g., NIST AI RMF, ISO42001, PCI DSS, SOX, GLBA, ISO 27001, NIST CSF, SOC 2).
• Familiarity with SIEM, cloud platforms (AWS, GCP), IaC, and scripting (e.g., Terraform, Python).
• Foundational knowledge of cloud architecture and cybersecurity principles.
• Strong analytical and troubleshooting skills, with an eye for efficiency and risk reduction.
• Exceptional organizational skills, attention to detail, and ability to manage multiple projects.
• Excellent documentation, collaboration, and communication skills.
• AI/LLM Knowledge: understanding of developer productivity tools like Claude Code, Cursor and Large Language Models, agent frameworks (e.g., LangChain, AutoGPT), and RAG architecture.
• Security Engineering: Strong background in application security, cloud security (AWS/GCP/Azure), and threat modeling.

Nice To Haves

• Direct experience with external auditors and regulatory bodies.
• Professional certifications (e.g., CISSP, CISA, CRISC, AWS Solutions Architect, cloud security).
• Experience in fintech or financial services.
• Hands-on experience with API integrations or light scripting.
• High-level stakeholder management, influence without authority, and ability to navigate ambiguity

Responsibilities

• Design and architect technology and cybersecurity controls monitoring and testing function, leveraging enterprise compliance automation platforms, agentic AI, tools and workflows.
• Implement automated monitoring (anomaly detection) and surveillance methods to ensure systems operate within defined guardrails
• Create risk and compliance dashboards, remediation performance metrics, ticketing criteria, remediation queue monitoring, tracking, measuring and communicating key performance activities for Technology and Cybersecurity library of controls
• Automate manual cybersecurity and compliance controls and administration of the compliance automation platform for audit support (e.g.,SOC 2, SOX, PCI DSS).
• Develop automated control enforcement mechanisms (e.g., scripts, APIs, policy checks), integrating controls as code logic into CI/CD pipelines, cloud environments, and endpoint tools.
• Enable continuous control monitoring (CCM) by developing reusable logic and ensuring automated controls produce auditable evidence.
• Support internal and external audits by providing access to accurate automated evidence and system logs.
• Analyze automated test gaps, distinguishing false positives from true findings, and driving remediation.
• As required, collaborate with security, engineering, business and other stakeholders to collect security questionnaire responses.
• Maintain a control automation backlog and document all automated control logic.

Benefits

• Comprehensive and competitive benefits