Senior Staff Engineer, Compliance Automation

<h2>About Nscale</h2> <p>Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.</p> <p>We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.</p> <h2>About the Role</h2> <p><span class="textBold">We’re hiring a Senior Staff Engineer, Compliance Automation to build a high-rigor, audit-ready compliance engineering function across Nscale’s global AI infrastructure.</span></p> <p>This is a hands-on senior individual contributor role at the intersection of <strong><strong class="textBold">security, compliance, and engineering</strong></strong>. You will work directly with infrastructure, platform, and product engineering teams to turn compliance requirements into durable engineering systems, automation, and continuous assurance mechanisms.</p> <p>As Nscale expands into regulated enterprise markets, this role is critical to how we earn and maintain customer trust. You’ll help define how compliance programs are operated, automated, and scaled, creating the automation-first foundation that enables the GRC function to grow with the business.</p> <h2>What you'll be doing</h2> <p><strong><strong class="textBold">Compliance Program Engineering</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Lead</strong></strong> the technical execution of compliance programs across <strong><strong class="textBold">ISO 27001 family, SOC 2 Type II, NIS2, NIST CSF</strong></strong>, and other applicable frameworks.</li> <li value="2"><strong><strong class="textBold">Build</strong></strong> unified control mappings across frameworks to reduce duplicate evidence work and ensure controls satisfy multiple requirements simultaneously.</li> <li value="3"><strong><strong class="textBold">Design</strong></strong> evidence repositories, remediation workflows, and reporting structures that scale with the business.</li> </ul> <p><strong><strong class="textBold">Audit Readiness and Engagement</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Own</strong></strong> audit readiness for major certifications, including evidence completeness, cross-framework control mappings, and audit defensibility.</li> <li value="2"><strong><strong class="textBold">Support</strong></strong> external audit engagements by providing auditor-ready evidence and control narratives.</li> <li value="3"><strong><strong class="textBold">Partner</strong></strong> alongside the customer-trust lead to address deep technical control questions.</li> <li value="4"><strong><strong class="textBold">Report</strong></strong> on compliance posture, control effectiveness, and audit risk to senior leadership.</li> </ul> <p><strong><strong class="textBold">Automation and Continuous Assurance</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Build</strong></strong> automation-first compliance systems using modern GRC platforms such as <strong><strong class="textBold">Vanta, Drata, or equivalent</strong></strong>.</li> <li value="2"><strong><strong class="textBold">Implement</strong></strong> continuous control monitoring to shift the function from point-in-time evidence collection to ongoing assurance.</li> <li value="3"><strong><strong class="textBold">Evaluate</strong></strong> and deploy AI-assisted workflows where they improve evidence collection, control validation, audit preparation, or remediation tracking.</li> <li value="4"><strong><strong class="textBold">Reduce</strong></strong> manual compliance effort through integrations, automation, and engineering-led tooling.</li> </ul> <p><strong><strong class="textBold">Engineering Partnership and Compliance-as-Code</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Partner</strong></strong> directly with infrastructure, platform, and product engineering teams to embed compliance into systems by design.</li> <li value="2"><strong><strong class="textBold">Translate</strong></strong> framework requirements into engineering-actionable controls.</li> <li value="3"><strong><strong class="textBold">Build</strong></strong> mechanisms for compliance validation in production environments instead of relying on manual checks.</li> </ul> <p><strong><strong class="textBold">Program Development</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Help shape</strong></strong> the broader GRC program architecture as it grows.</li> <li value="2"><strong><strong class="textBold">Contribute</strong></strong> to roadmap planning, tooling decisions, and team strategy.</li> </ul> <h2>KPIs</h2> <ul> <li value="1">Control automation coverage across in-scope frameworks</li> <li value="2">Control effectiveness and verifiability in production environments</li> <li value="3">Reduction in manual compliance work and evidence collection effort</li> <li value="4">Evidence quality, traceability, and audit defensibility</li> </ul> <h2>About You</h2> <ul> <li value="1"><strong><strong class="textBold">10+ years</strong></strong> of experience in security compliance, GRC, or assurance engineering</li> <li value="2">Deep, hands-on expertise across <strong><strong class="textBold">ISO 27001, SOC 2 Type II, and NIST CSF</strong></strong></li> <li value="3">Strong understanding of cloud infrastructure, security controls, and modern engineering environments</li> <li value="4">Demonstrated experience building automation-first compliance programs at scale</li> <li value="5">Experience working directly with engineering teams to implement compliance-as-code</li> <li value="6">Track record of replacing manual compliance work with sustainable automation</li> <li value="7">Experience with continuous control monitoring in production environments</li> <li value="8">Hands-on experience with modern GRC platforms such as <strong><strong class="textBold">Vanta, Drata, or ServiceNow GRC</strong></strong></li> <li value="9">Experience with AI infrastructure, hyperscale, or other regulated environments</li> <li value="10">Experience operating across multiple geographies, including <strong><strong class="textBold">NA, EMEA, and APAC</strong></strong></li> </ul> <h2>What we can offer you</h2> <p>At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.</p> <ul> <li>Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. 🚀</li> <li>Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. ✨</li> <li>Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.</li> <li>Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.</li> </ul> <h2>Equal Opportunities Statement</h2> <p>We strongly encourage applications from people of color, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.</p> <p>If there’s anything we can do to accommodate your specific situation, please let us know.</p> <p>The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.</p> <p>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice: Here.</p> <h2>Salary Range</h2> <p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.</p><div class="content-pay-transparency"><div class="pay-input"><div class="description"><p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.</p></div><div class="title">Salary Range</div><div class="pay-range"><span>$175,000</span><span class="divider">&mdash;</span><span>$200,000 USD</span></div></div></div><div class="content-conclusion"><p><em>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice:&nbsp;<a href="https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp=sharing" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp%3Dsharing&amp;source=gmail&amp;ust=1765375172804000&amp;usg=AOvVaw2Ncte4rmlGl8OKuFuDgDtx">Here.</a></em></p></div>