DISCO
legal tech
ComplianceEngineer
“Compliance Engineer at DISCO. Skills: Technical compliance, SOX, SOC2 Type II, and ISO-27001 audits, Compliance automation, DevOps, AWS, Infrastructure as Code, Cloud-native applications, Containerized applications. Driving the implementation of compliance requirements. Automating evidence collection into Continuous Compliance workflows”
What You'll Achieve.
Deliver enhancements to our system's reliability, scalability, security; Ensure compliance with security policies; Automate evidence collection into 'Continuous Compliance' workflows with minimal disruption to engineering velocity; Establish automated guardrails; Provide ironclad assurance to our partners within the business
Industry & Context.
Fixing the law by automating the parts of the practice that can be automated; Solve problems of scale in data, in laws, and in business operations
Authorization to work in the U. S. without sponsorship now or in the future, DISCO is not currently sponsoring visas, including, but not limited to, H-1B, TN, or EAD, and we are not accepting visa transfers.
What They're Looking For.
Must Have
5 years in a technical compliance, security, or DevOps-adjacent role, preferably within a SaaS environment, understanding of key compliance frameworks, including SOX 404, ISO-27001, SOC2, and IT general controls (ITGC), 2-4 years of hands-on experience in DevOps or Platform Engineering, specifically working with AWS, cloud-native applications, and automating deployment/scaling of containerized applications using Infrastructure as Code, desire and/or experience in leveraging compliance automation platforms (e. g. , Anecdotes) to build and maintain automated evidence-gathering tools, engineering background with a preference for collaborative work, including mentoring others and partnering with cross-functional engineering teams to build and maintain highly performant systems
Nice to Have
Exposure to and understanding of security and compliance frameworks such as FedRAMP, NIST 800-53, or CSRF, Experience building and managing PaaS (Platform as a Service) for internal development teams, Experience with Cloud Networking (VLAN, routing), Experience with other cloud platforms, specifically Azure and GCP, Familiarity with Windows Server and Administration (Active Directory, Group Policy Objects), Experience with ASP. NET Deployments (WebDeploy), General experience with Software Development and any tech stack
What You'll Do.
Driving the implementation of compliance requirements
Automating evidence collection into Continuous Compliance workflows
Implementing Compliance as Code
Performing internal reviews of infrastructure configurations
Managing the technical lifecycle of user access
Enforcing Segregation of Duties (SoD)
Reviewing deprovisioning workflows
Providing technical expertise during sales cycles
Maintaining the Security Trust Center and compliance documentation
How You'll Work.
Team & Collaboration
Work with DevOps Engineers to implement 'Compliance as Code'; Partnering with cross-functional engineering teams to build and maintain highly performant systems; Support GRC teams by providing technical expertise during sales cycles
Applying for this Compliance Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about DISCO?
Real rants from real employees. Read before you apply.