DISCO
Compliance Engineer
New York City, New YorkFrom $190kmidAdded 2 days ago
About this role
DISCO, a legal tech company, seeks a Compliance Engineer to bridge security governance and cloud infrastructure on their DevOps team. You'll automate compliance evidence collection for SOX, SOC2, and ISO-27001 audits while implementing infrastructure-as-code guardrails and managing identity access controls.
What you'll do
- Automate evidence collection and serve as technical contact for SOX, SOC2 Type II, and ISO-27001 audits
- Implement 'Compliance as Code' practices with DevOps teams to establish automated guardrails
- Manage user access lifecycle, enforce Segregation of Duties, and review deprovisioning workflows
- Support GRC stakeholders with technical expertise during sales cycles and RFP responses
- Maintain Security Trust Center and compliance documentation
- Review infrastructure configurations for compliance alignment
What they're looking for
- SOX 404, ISO-27001, SOC2, and IT general controls (ITGC)
- AWS cloud services (EC2, Lambda, ECS, EKS, CloudFormation, KMS)
- Infrastructure as Code (Terraform, CloudFormation)
- DevOps and Platform Engineering
- Compliance automation tools
- Python, Bash scripting
- Identity and access management
- CI/CD platforms (Jenkins, GitHub, CodePipeline)
Opens the official application on the employer’s site. No login required.