We’re partnering with one of the world’s fastest-growing AI companies to hire a Security Compliance Engineer to help build and scale security compliance across a rapidly growing engineering organisation.
We’re specifically looking for someone who has already completed or played a significant role in a FedRAMP 20x audit within a SaaS or cloud-native software company. This experience is essential.
This is not a traditional GRC or audit role. We’re looking for an engineer who has helped automate compliance rather than manually manage it, someone who’s embedded security controls into engineering workflows, built compliance automation, and understands how modern frameworks like FedRAMP 20x should be implemented in fast-moving cloud-native environments.
If you’ve built compliance tooling, integrated security into CI/CD pipelines, automated evidence collection, and worked alongside engineering teams to make compliance scalable, we’d love to hear from you.
Responsibilities include:
- Build and automate compliance processes across engineering teams.
- Drive FedRAMP and GovRAMP compliance initiatives with a strong focus on FedRAMP 20x.
- Build compliance-as-code capabilities that reduce manual audit effort.
- Integrate security controls into CI/CD pipelines and engineering workflows.
- Automate evidence collection, monitoring and reporting using APIs, scripting and modern security tooling.
- Partner with Engineering, Product, Legal and Customer Success to support regulated enterprise customers.
- Support customer security reviews, security questionnaires and audit activities.
- Improve security posture through scalable engineering rather than manual governance.
Required experience:
Essential
- Proven hands-on experience delivering or supporting FedRAMP 20x audits.
- Experience working within a SaaS or cloud-native software company.
- Strong security engineering background with experience embedding compliance into engineering workflows.
- Experience building compliance automation and reducing manual audit overhead.
- Experience integrating security controls into CI/CD pipelines.
- Strong understanding of cloud security and modern engineering practices.
- Comfortable writing scripts or building tooling (Python or similar preferred).
- Experience partnering directly with software engineering teams.
Nice to have
- GovRAMP
- NIST 800-53
- CMMC
- OPA/Rego or Policy-as-Code
- AWS, Azure or GCP security
- AI or ML platform security
- Customer trust, enterprise security questionnaires and regulated customer environments
Our client is one of the fastest-growing AI businesses in the world, helping shape how security and compliance are embedded into cutting-edge AI products used by millions of users and some of the world’s largest enterprises.
Fully remote from the US, however there is a strong preference to East Coast candidates.