Compliance Automation Engineer

💰 $128k-$222k
🇺🇸 United States - Remote
💻 Software Development🔵 Mid-level

Job description

About Vercel:

Vercel gives developers the tools and cloud infrastructure to build, scale, and secure a faster, more personalized web. As the team behind v0, Next.js, and AI SDK, Vercel helps customers like Ramp, Supreme, PayPal, and Under Armour build for the AI-native web.

Our mission is to enable the world to ship the best products. That starts with creating a place where everyone can do their best work. Whether you’re building on our platform, supporting our customers, or shaping our story: You can just ship things.

About the role:

We are looking for a GRC Automation Engineer to join our Governance, Risk, and Compliance (GRC) team. You will have the opportunity to enhance our global compliance posture and further our commitment to managing enterprise risk. Your role will be instrumental in ensuring that our company operates in accordance with security requirements and embodies an environment where it’s everyone’s responsibility. This role will report to the Head of GRC and help shape the next iteration of the GRC program and further embed data governance principles and compliance requirements into the business.

Think you may not have all the skills and are hesitant to apply? There is no “perfect” candidate and encourage you to apply if you think that you can bring value to our team and are passionate and committed to upholding the highest standards of compliance and ethics.

If you’re based within a pre-determined commuting distance of one of our offices (SF, NY, London, or Berlin), the role includes in-office anchor days on Monday, Tuesday, and Friday, even if the role is listed as remote. For location-specific details, please connect with our recruiting team.

Getting started:

  • We want you to feel like part of the team early on! Our team will help integrate you into the company with explanations on our product, policies, processes, team structure and roadmap.
  • We’re excited for you to learn, grow, and contribute right away! We trust that you’ll bring experience and knowledge that will uplift and up-level the team, but we don’t expect you to know everything on Day 1.

What you will do:

  • Design and automate control testing and evidence collection to reduce manual effort and improve accuracy.
  • Build and maintain scripts and APIs across infrastructure, endpoints, and SaaS platforms (e.g., AWS, GitHub, Okta) that interface with compliance tooling.
  • Support recurring internal and external audits (i.e., SOC 2, ISO 27001, PCI DSS, etc.) by ensuring reliable control monitoring.
  • Champion security, compliance, data governance strategies and processes, including data deletion, data retention, data storage, and more.
  • Leverage AI/ML tools to improve efficiency and outcomes for GRC processes and overall compliance posture.
  • Define technical control requirements and collaborate with internal partners to embed compliance checks into CI/CD pipelines and infrastructure deployment workflows.

About you:

  • Experience in scripting or automation with a focus on security, infrastructure, or GRC
  • Knowledge of audit processes, evidence requirements, and remediation actions for security and compliance frameworks (i.e., SOC 2, ISO 27001, PCI DSS)
  • Ability to write scripts and basic code to automate audit and evidence gathering processes
  • Ability to build API end points and command-line tools, work with structured data (JSON, CSV, YAML), and extract compliance-relevant information from security, IT, and GRC systems
  • Experience owning a project or scope, building relationships, collaborating with both technical and non-technical teams and driving initiatives to completion

Bonus if you have:

  • Familiarity with data governance, compliance or software development tools and systems (e.g., Drata, Satori, Github, etc.)
  • Experience with frontend cloud, AI/ML systems, and open source development
  • Experience with FedRAMP or NIST frameworks, such as 800-53, 800-171, RMF
  • Security certifications (e.g. CISA, CISSP)

Benefits:

  • Competitive compensation package, including equity.
  • Inclusive Healthcare Package.
  • Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
  • Flexible Time Off.
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

The San Francisco, CA base pay range for this role is $128,000.00 - $222,000.00.  This salary range is an estimate. Actual salary will be based on job related skills, experience and location. Pay ranges outside San Francisco may be  adjusted based on employee location.  The total compensation package also includes benefits and equity-based compensation. Your recruiter can share more about the specific pay range for your location during the hiring process.

Vercel is committed to fostering and empowering an inclusive community within our organization. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, national origin, citizenship, age, marital status, veteran status, disability status, or any other characteristic protected by law. Vercel encourages everyone to apply for our available positions, even if they don’t necessarily check every box on the job description.

Share this job:
Please let Vercel know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Vercel

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply