Security Compliance Engineer

Sophos

full-time

Posted on: 9/25/2025

Origin: • 🇺🇸 United States

✨ AI Apply

💰 $98,000 - $163,000 per year

JuniorMid-Level

AWSCloudCyber SecurityPythonServiceNow

About the role

Serve as a technical SME for compliance automation and integration efforts
Design and implement automated workflows for evidence collection and control monitoring
Expand and optimize the capabilities of the compliance platform through technical configuration and integration
Develop and maintain dashboards to visualize compliance posture and key risk indicators
Integrate GRC tools with cloud platforms and internal systems using APIs and scripting
Collaborate with product, engineering, and security teams to implement technical controls
Conduct gap analysis and support implementation of new compliance frameworks
Monitor compliance with internal controls and external regulatory requirements (e.g., ISO 27001, NIST, SOC 2, GDPR, HIPAA)
Stay current with emerging technologies, regulations, and best practices in compliance automation

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
2+ years of experience in technical GRC, compliance automation, or security engineering roles
Knowledge of industry frameworks such as NIST, ISO 27001, COBIT, or CIS Controls
Understanding of technologies used to meet compliance objectives
Strong analytical, problem-solving, and documentation skills
Excellent communication and collaboration skills
Legal authorization to work in the jurisdiction where the position is posted without employer sponsorship
Preferred: Certifications such as CISA, CISM, CRISC, CISSP, or Security+
Preferred: Experience with GRC tools (e.g., Archer, ServiceNow GRC, OneTrust)
Preferred: Basic programming or scripting skills (e.g., Python, Bash) and familiarity with APIs
Preferred: Working knowledge of AWS and cloud security controls