Candidates should possess 3+ years of experience in scripting, automation, or backend engineering roles with a focus on security, infrastructure, or compliance, and expertise with public sector security frameworks like FedRAMP and CMMC. They should also be able to write scripts and basic code to automate audit and evidence gathering processes, and have proficiency in at least one scripting language such as Python, Go, PowerShell, Bash, Ruby, or JavaScript.
As a Compliance Automation Engineer, GRC at Vanta, you will design and develop automation solutions for evidence collection across infrastructure, endpoints, and SaaS platforms; build and maintain scripts and APIs; support recurring internal and external audits; automate control testing and reporting pipelines; and support internal GRC platforms, dashboards, and metrics. You will work with the compliance team to define technical control requirements and with Engineering partners to embed compliance checks into CI/CD pipelines. You will establish and manage the POAM and Continuous Monitoring processes, manage compliance deliverables for public sector stakeholders, leverage AI/ML tools to drive automation, and drive remediation for Security Team gaps. You will also support policy and process implementation, contribute to the development of machine-readable reports, gather performance metrics and report KPIs, become an expert on Vanta’s public sector product offerings, and partner to help improve existing and launch new security and compliance processes, programs, and policies where needed.
Automates SOC 2 compliance for businesses
Vanta simplifies the process of obtaining and maintaining SOC 2 certification, which is essential for organizations that manage sensitive customer data. The company offers a software-as-a-service (SaaS) platform that automates numerous checks to ensure that security controls are effective and compliant with industry standards. This automation helps small to medium-sized enterprises (SMEs) and tech companies monitor risks and vulnerabilities continuously, significantly reducing the time and cost associated with achieving SOC 2 compliance. Vanta's subscription-based model provides clients with a more efficient and cost-effective way to maintain compliance compared to traditional methods. The goal of Vanta is to transform the compliance process, allowing organizations to focus on their core operations while enhancing their security posture.