Senior Compliance Automation Engineer

Anduril · Defense · Washington, DC · Corporate Technology : Information Security : Corporate Assurance

This role focuses on automating compliance processes within a defense technology company. The Senior Compliance Automation Engineer will lead initiatives to transition from manual to continuous, automated compliance monitoring by integrating data from various sources, operationalizing AI models for compliance, and implementing policy-as-code and automated guardrails. The role requires a strong foundation in IT operations and technical GRC experience, with an emphasis on project management and cross-functional influence.

What you'd actually do

  1. Architect and implement automated control evidence ingestion pipelines, integrating data from AWS/Azure, identity platforms, and endpoint management tools into our GRC platform. Operationalize AI models trained for compliance.
  2. Translate regulatory, policy, and control requirements into technical designs. Collaborate with engineering and DevOps to operationalize policy-as-code and automated guardrails.
  3. Lead complex, multi-department modernization initiatives from initial strategy through architectural design and execution. Own project schedules, resource planning, and milestone tracking.
  4. Proactively identify gaps in our current compliance, security posture, and automation capabilities. Formulate and roll out strategic remediation plans with minimal oversight.

Skills

Required

  • enterprise IT operations
  • IAM
  • Active Directory
  • cloud environments
  • endpoint security
  • technical GRC experience
  • NIST SP 800-171
  • CMMC
  • ISO 27001
  • project management
  • automation
  • scripting

Nice to have

  • AWS
  • Azure
  • identity platforms
  • endpoint management tools
  • GRC platforms

What the JD emphasized

  • minimal supervision
  • minimal oversight
  • continuous compliance monitoring
  • automated guardrails
  • operationalize AI models trained for compliance