Vercel | Development | 22d ago

Compliance Automation Engineer (Security & IT)

Remote (USA)
Full-time
$128,000 - $222,000 USD / Year

Job Description

Vercel, the team behind Next.js and the AI SDK, is looking for a Compliance Automation Engineer to join their GRC team. This role reports to the Head of GRC and is instrumental in embedding data governance and compliance into the business. Unlike traditional GRC roles, this position focuses on automating control testing and reducing manual effort by building scripts and APIs.

Key Responsibilities

  • Automation: Design and automate control testing and evidence collection to reduce manual effort and improve accuracy.
  • Scripting & APIs: Build and maintain scripts and APIs across infrastructure and SaaS platforms (e.g., AWS, GitHub, Okta) to interface with compliance tooling.
  • CI/CD Integration: Define technical control requirements and embed compliance checks directly into CI/CD pipelines and infrastructure workflows.
  • Audit Support: Support recurring audits (SOC 2, ISO 27001, PCI DSS) by ensuring reliable control monitoring.
  • AI Implementation: Leverage AI/ML tools to improve efficiency and outcomes for GRC processes.
  • Data Governance: Champion strategies for data deletion, retention, and storage.

Requirements

  • Technical GRC: Experience in scripting or automation with a focus on security, infrastructure, or GRC.
  • Frameworks: Knowledge of audit processes and evidence requirements for SOC 2, ISO 27001, and PCI DSS.
  • Coding Skills: Ability to write scripts, build API endpoints, and work with structured data (JSON, CSV, YAML).
  • Integration: Ability to extract compliance-relevant information from security, IT, and GRC systems.
  • Ownership: Experience owning a project scope and driving initiatives to completion across technical and non-technical teams.

Nice to Have

  • Familiarity with tools like Drata, Satori, or GitHub.
  • Experience with FedRAMP, NIST 800-53, or RMF.
  • Security certifications like CISA or CISSP.

Location & Benefits

  • Location Policy: If you are within commuting distance of San Francisco, New York, London, or Berlin, the role includes in-office anchor days (Mon, Tue, Fri). If outside these areas, the role is Fully Remote.
  • Compensation: $128,000 - $222,000 Base Salary + Equity.
  • Perks: Inclusive healthcare, flexible time off, and a WFH budget to outfit your space.
