Vanta

Compliance Automation Engineer, GRC

United States

$139,000 – $164,000Compensation
Junior (1 to 2 years)Experience Level
Full TimeJob Type
UnknownVisa
Cybersecurity, Information Security, Compliance & Risk ManagementIndustries

Requirements

Candidates should possess 3+ years of experience in scripting, automation, or backend engineering roles with a focus on security, infrastructure, or compliance, and expertise with public sector security frameworks like FedRAMP and CMMC. They should also be able to write scripts and basic code to automate audit and evidence gathering processes, and have proficiency in at least one scripting language such as Python, Go, PowerShell, Bash, Ruby, or JavaScript.

Responsibilities

As a Compliance Automation Engineer, GRC at Vanta, you will design and develop automation solutions for evidence collection across infrastructure, endpoints, and SaaS platforms, build and maintain scripts and APIs, support recurring internal and external audits, automate control testing and reporting pipelines, support internal GRC platforms, dashboards, and metrics, work with the compliance team to define technical control requirements, work with Engineering partners to embed compliance checks into CI/CD pipelines, establish and manage the POAM and Continuous Monitoring processes, manage compliance deliverables for public sector stakeholders, leverage AI/ML tools to drive automation, drive remediation for Security Team gaps, support policy and process implementation, contribute to the development of machine readable reports, gather performance metrics and report KPIs, become an expert on Vanta’s public sector product offerings, and partner to help improve existing and launch new security and compliance processes, programs, and policies where needed.

Skills

Automation scripting
APIs
AWS
GCP
GitHub
Okta
Compliance tooling
Audit support
Control testing
Monitoring
Security and GRC

Vanta

Automates SOC 2 compliance for businesses

About Vanta

Vanta simplifies the process of obtaining and maintaining SOC 2 certification, which is essential for organizations that manage sensitive customer data. The company offers a software-as-a-service (SaaS) platform that automates numerous checks to ensure that security controls are effective and compliant with industry standards. This automation helps small to medium-sized enterprises (SMEs) and tech companies monitor risks and vulnerabilities continuously, significantly reducing the time and cost associated with achieving SOC 2 compliance. Vanta's subscription-based model provides clients with a more efficient and cost-effective way to maintain compliance compared to traditional methods. The goal of Vanta is to transform the compliance process, allowing organizations to focus on their core operations while enhancing their security posture.

San Francisco, CaliforniaHeadquarters
2018Year Founded
$343.4MTotal Funding
SERIES_CCompany Stage
Enterprise Software, CybersecurityIndustries
501-1,000Employees

Benefits

100% Benefits Coverage
Flexible & Remote Work
Paid Parental Leave
Unlimited PTO
Health & Wellness
401(k)

Risks

Emerging competitors like ComplyCube could challenge Vanta's market position.
Healthcare data breaches may increase demand for more robust security measures.
Reliance on partnerships like HITRUST poses risks if standards evolve significantly.

Differentiation

Vanta automates up to 90% of audit preparation, reducing compliance costs significantly.
The platform offers real-time insights, enhancing trust and streamlining security reviews.
Vanta's HITRUST e1 solution automates 80% of requirements, ensuring continuous compliance.

Upsides

Vanta secured $150M in Series C funding, boosting its growth potential.
Partnership with HITRUST enhances Vanta's credibility in the healthcare sector.
Rising demand for automated compliance solutions supports Vanta's market expansion.

Land your dream remote job 3x faster with AI