Skip to main content

DISCO

Compliance Engineer

New York City, New YorkFrom $190kmidAdded 2 days ago

About this role

DISCO, a legal tech company, seeks a Compliance Engineer to bridge security governance and cloud infrastructure on their DevOps team. You'll automate compliance evidence collection for SOX, SOC2, and ISO-27001 audits while implementing infrastructure-as-code guardrails and managing identity access controls.

What you'll do

  • Automate evidence collection and serve as technical contact for SOX, SOC2 Type II, and ISO-27001 audits
  • Implement 'Compliance as Code' practices with DevOps teams to establish automated guardrails
  • Manage user access lifecycle, enforce Segregation of Duties, and review deprovisioning workflows
  • Support GRC stakeholders with technical expertise during sales cycles and RFP responses
  • Maintain Security Trust Center and compliance documentation
  • Review infrastructure configurations for compliance alignment

What they're looking for

  • SOX 404, ISO-27001, SOC2, and IT general controls (ITGC)
  • AWS cloud services (EC2, Lambda, ECS, EKS, CloudFormation, KMS)
  • Infrastructure as Code (Terraform, CloudFormation)
  • DevOps and Platform Engineering
  • Compliance automation tools
  • Python, Bash scripting
  • Identity and access management
  • CI/CD platforms (Jenkins, GitHub, CodePipeline)
Apply on the employer's site

Opens the official application on the employer’s site. No login required.