Skip to content
ElevenLabsElevenLabsNew York, NY

Compliance Engineer - US

Maintains US government compliance certifications like GovRAMP and FedRAMP, conducts risk assessments using NIST/CIS, builds documentation, and automates compliance tooling for cloud environments and CI/CD pipelines. Requires experience in regulated industries and compliance tools like Vanta.

Salary not listed
RemoteSecurity Engineering

About the role

Responsibilities

  • Collaborate across teams to maintain US Government compliance certifications and frameworks such as GovRAMP, FedRAMP, CJIS, and CMMC.
  • Shape ElevenLabs’ Enterprise offering towards regulated industries such as Local and State Government, Defense, and Finance.
  • Build technical documentation to demonstrate compliance to customers throughout the stack.
  • Assist the sales team by responding to client security requests and managing compliance-related queries.
  • Conduct risk assessments based on CIS or NIST frameworks, document findings, and help teams achieve compliance efficiently.
  • Enhance compliance as code tooling to automate monitoring, reporting, and reduce friction for other teams to remain compliant.

Requirements

  • Experience in completing vendor security assessments and client security questionnaires in highly regulated industries, such as Government and Defense in the US.
  • Strong technical expertise in managing and executing compliance, with hands-on experience using compliance management tools (e.g. Vanta).
  • Proven ability to maintain and acquire certifications while managing audit readiness and documentation.
  • Experience collaborating with cross-functional teams (sales, engineering, legal) to effectively communicate compliance requirements and ensure smooth operations.
  • Experience with public cloud compliance (AWS, GCP, Azure) and automating compliance in cloud environments.
  • Familiarity with integrating compliance tools into CI/CD pipelines to automate monitoring and reporting.

Skills

VantaGovrampFedRAMPCjisCmmcNistCisAWSGCPAzureCI/CD
Forus

Security Program Manager

ForusNew York, NY

Own end-to-end compliance programs (SOC 2, HIPAA, HITRUST), build customer trust function, implement automation, and partner with engineering on controls for a healthcare AI platform handling protected health information.

Salary not listed
On-site4+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k/yr
HybridSecurity Engineering
Zocdoc

Application Security Engineer

ZocdocUnited States

Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.

100k – 140k/yr
RemoteSecurity Engineering
Cloudflare

Detection & Mitigation Engineer

CloudflareUnited States

Security Detections Engineer identifying attacker TTPs, building real-time detections, and mitigating threats/abuse across Cloudflare's global platform using data analysis, SQL, scripting, and threat intelligence. Requires strong analytical and communication skills.

Salary not listed
HybridSecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k/yr
On-site3+ YOESecurity Engineering