Related skills: azure, aws, gcp, fedramp, nist 800-53
📋 Description
- Own audits and regulatory programs (ISO 42001, PCI DSS, NIST 800-53, FedRAMP, HIPAA).
- Drive scope, readiness, auditor engagement, remediation planning, and exec reporting.
- Understand Sierra’s AI Platform; partner with Platform and Agent Eng to design controls across multi-cloud infra and data.
- Build a centralized security controls library mapped to compliance and customer requirements; assess effectiveness and remediate.
- Define security baselines for cloud infra, containers, Kubernetes, identity, and encryption; coordinate config/change management.
- Design and operate automated compliance workflows using AI, IaC, and security tooling to scale.
🎯 Requirements
- 8+ years in security compliance or GRC in fast-growing tech.
- Deep expertise in ISO 42001, PCI DSS, NIST 800-53, FedRAMP, HIPAA.
- Systems-oriented, engineering-focused GRC mindset with cloud architecture and data flows.
- Experience owning complex audits and remediation across distributed teams.
- Hands-on with multi-cloud infra (AWS, Azure, GCP) and automating security controls.
- Certifications such as CISSP, CISA, PCI ISA, ISO 27001 Lead Auditor.
🎁 Benefits
- Flexible (Unlimited) Paid Time Off
- Medical, Dental, and Vision benefits for you and your family
- Life Insurance and Disability Benefits
- Retirement Plan with Sierra match
- Parental Leave
- Fertility and family-building benefits through Carrot