# Senior Compliance Automation Engineer

**Company**: Anduril
**Location**: Washington, District of Columbia, United States
**Work arrangement**: onsite
**Experience**: senior
**Job type**: full-time
**Salary**: $129,000-$198,000 USD
**Category**: Engineering
**Industry**: Technology

**Apply**: https://job-boards.greenhouse.io/andurilindustries/jobs/5128973007?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply
**Canonical**: https://yubhub.co/jobs/job_736c8068-d29

## Description

We are seeking a Cybersecurity Compliance Engineer to serve as a technical leader and strategic driver within our Cyber Risk and Compliance Team. This is a high-impact, highly autonomous role designed for a professional who bridges the gap between hands-on systems operations and enterprise-level governance.

In this role, you will not just run compliance checklists; you will identify systemic organisational problems, design technical and process-driven solutions, and lead cross-functional modernisation projects with minimal supervision. You will champion the transition from manual, point-in-time compliance to automated, continuous compliance monitoring across the enterprise.

**Strategic Initiative Ownership & Project Management**

- Drive End-to-End Projects: Lead complex, multi-department modernisation initiatives from initial strategy through architectural design and execution. Own project schedules, resource planning, and milestone tracking.

- Autonomous Execution: Proactively identify gaps in our current compliance, security posture, and automation capabilities. Formulate and roll out strategic remediation plans with minimal oversight.

- Change Management: Lead enterprise-wide rollouts of new security policies, tooling, and baseline configurations, ensuring smooth adoption across technical and non-technical business units.

**Compliance Automation & Technical GRC Engineering**

- Build Continuous Monitoring Pipelines: Architect and implement automated control evidence ingestion pipelines, integrating data from AWS/Azure, identity platforms, and endpoint management tools into our GRC platform. Operationalise AI models trained for compliance.

- Policy-as-Code & Engineering Standards: Translate regulatory, policy, and control requirements into technical designs. Collaborate with engineering and DevOps to operationalise policy-as-code and automated guardrails.

- Control Mapping & Framework Management: Direct the operational mapping of security controls across NIST SP 800-171, CMMC (Levels 2 & 3), ISO 27001, Sarbanes-Oxley, Cyber Essentials, and other frameworks.

**Leadership & Cross-Functional Influence**

- Technical Mentorship: Act as a subject matter expert and mentor to team members, setting technical and operational excellence standards for the Cyber Risk and Compliance Team.

- Cross-Functional Collaboration: Partner with Cybersecurity Engineering, IT Operations, and Cloud Infrastructure teams to resolve complex security challenges and ensure cohesive implementation of compliance standards.

- Risk Reporting: Translate complex, technical risk data into executive-ready reports, ensuring leadership has clear visibility into cumulative risk, trends, and mitigation priorities.

**Required Qualifications**

- Systems & Infrastructure Foundation: 5+ years of experience in enterprise IT operations (e.g., Senior Help Desk, Systems Administration, or Security Operations). Deep understanding of IAM, Active Directory, cloud environments, and endpoint security.

- GRC Experience: 3+ years of technical GRC experience mapping and operationalising controls under frameworks like NIST SP 800-171, CMMC, or ISO 27001.

- Project Management & Autonomy: Proven track record of independently managing and executing technical projects. Ability to navigate ambiguity, define project scope, and lead cross-functional stakeholders without direct authority.

- Problem-Solving & Strategic Impact: Demonstrated ability to analyse systemic business and technical challenges, formulate long-term strategic solutions, and execute rollouts that improve enterprise-wide security posture.

- Automation Familiarity: Experience using and integrating GRC platforms, combined with basic scripting knowledge to support automation efforts.

- Ability to obtain and maintain a US Secret security clearance.

## Skills

### Required
- Systems Administration
- Security Operations
- IAM
- Active Directory
- Cloud Environments
- Endpoint Security
- GRC
- NIST SP 800-171
- CMMC
- ISO 27001
- Project Management
- Autonomy
- Problem-Solving
- Strategic Impact
- Automation
- Scripting

