As a UKG Compliance Engineer, you will help our engineers implement and audit Palantir security controls across our entire product line. You'll work closely with many different teams to shape these controls and cultivate a robust and nimble approach to risk management across the company. You will navigate and interpret complex government regulatory frameworks and approaches (e.g. Secure-by-Design, application of relevant MOD JSPs and NIST standards) in order to provide practical guidance on technical architecture, documentation and operational concerns, and sustainable processes that will allow us to continue to grow quickly and efficiently.
Job Responsibilities:
Partner with engineers to interpret and map compliance requirements to control implementation and assist with product architecture
Directly facilitate operational and regulatory outcomes across our UK government client portfolio, including Secure by Design adherence, MOD JSP compliance and continuous monitoring
Develop and deliver evidence to meet regulatory compliance audits across the UK government client portfolio
Propose and implement ideas for operational improvements and facilitate automation for procedural compliance controls
Guide technical and operational decision-making towards future product offerings and efficient organisational processes
Evaluate and advise the business on new and evolving UK Government certification programmes, requirements, and technologies
Manage and participate in audits, as appropriate
Requirements:
3+ years’ experience with compliance audits and prior UK Government compliance and audit experience (MOD JSP application, Secure by Design, NIST 800-53, and UK Government ATOs, etc.)
Current UK security clearance (SC or DV level)
Relevant professional certifications (CIPM, CIPP/E, CRISC, CISSP, or similar)
Familiarity with data protection compliance tools and GRC platforms
Nice to have:
Deep understanding of on-premises infrastructure and security concepts
Experience working directly with the UK Ministry of Defence or other government departments
Experience successfully supporting security and compliance efforts in complex on-premises data centres
Experience performing technical assessments in direct support of compliance efforts
Experience developing security and risk assessment plans and related documentation
Ability to clearly convey compliance requirements to internal engineering teams and associated implementation to external customers using effective written and verbal communication skills
Proficiency with security concepts (encryption, authentication, etc.) and tooling for continuous monitoring (Nessus SecurityCenter, Burp, Jira, Splunk, etc.)
Knowledge of cloud security compliance (AWS, Azure, GCP)
Understanding of DevSecOps practices and secure software development lifecycles
What we offer:
Promoting health and well-being across all areas of Palantirians’ lives