Compliance Engineer

ConductorOne is the modern identity governance platform that makes it possible to move beyond the limitations of legacy IGA and reduce the identity attack surface with confidence.

Designed for flexibility, ConductorOne provides a broad range of direct connectors to integrate with cloud, infrastructure, on-prem, and homegrown tools. The platform’s Access Fabric brings together previously siloed access and permissions data from across a company’s environment. This provides real-time visibility and dynamic access controls that allow businesses to reduce identity risks, move to just-in-time access, automate access reviews, and manage the full identity lifecycle. The platform delivers intuitive user experiences that help teams get up and running faster, using powerful automation backed by AI to significantly improve productivity.

ConductorOne is trusted by forward-thinking enterprises like DigitalOcean, Instacart, NFI, Ramp, and Zscaler.

As a Compliance Engineer at ConductorOne, you’ll be responsible for building and operating the systems, processes, and automations that keep our security and compliance programs running smoothly. You’ll partner closely with Security, Engineering, and Operations to design controls that scale with the business, maintain audit readiness, and turn compliance from a manual exercise into an integrated part of our platform. You’ll manage evidence collection, streamline audits, and continuously improve how ConductorOne meets its commitments — ensuring our infrastructure, products, and practices stay secure, compliant, and efficient as we grow.

What you'll do:

• Own and operate ConductorOne’s security and compliance programs such as SOC 1, SOC 2, ISO 27001, and FedRAMP.

• Partner with Security, Engineering, and SRE to ensure controls are effectively designed, implemented, and continuously monitored.

• Manage evidence collection and audit readiness while identifying opportunities to automate compliance workflows through tooling and process improvements.

• Translate compliance requirements into actionable engineering or operational changes — turning policies into code where possible.

• Collaborate cross-functionally to ensure compliance supports, rather than slows, product delivery and innovation.

• Develop and maintain documentation, policies, and control mappings that scale with the company.

• Support customer and prospect requests related to ConductorOne’s security and compliance posture.

• Track evolving standards and regulatory expectations, ensuring the company remains audit-ready as it grows.

You would be an excellent candidate if you:

• You have hands-on experience operating or auditing information security and compliance programs.

• You’re comfortable working directly with engineers and can translate between regulatory language and technical implementation.

• You enjoy finding ways to automate manual tasks and reduce audit friction through code, integrations, or workflow improvements.

• You’re organized, detail-oriented, and calm under the pressure of audit timelines.

• You thrive in a fast-paced startup environment where processes evolve and impact is visible.

• You take pride in making compliance both effective and lightweight — enabling security and reliability without unnecessary bureaucracy.
  

Extra Credit if…

• You’ve helped a company achieve or maintain multiple security or compliance certifications.

• You’ve used or implemented compliance automation tools or built internal equivalents.

• You have experience integrating compliance evidence collection with engineering systems (GitHub, AWS, Jira, etc.).

• You’ve participated in or supported customer security assessments or RFPs.

• You’re familiar with risk management or security control frameworks such as NIST, CIS, or ISO.

• You have experience working closely with security engineering, DevOps or SRE teams.

ConductorOne, Inc. is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.