Technical Compliance Analyst

About Us:

At Sauce Labs, we empower the world's top enterprises - like Walmart, Bank of America, and Indeed - to deliver quality web and mobile applications at speed. Our industry-leading platform ensures continuous quality across the SDLC, using AI-powered analytics to identify key quality signals from development through production. With our unified solution, teams can release and innovate with confidence, knowing their apps will always look, function, and perform exactly as they should. Backed by TPG and Riverwood Capital, we are shaping the future of digital confidence - join us!

The Role:

As a Technical Compliance Analyst at Sauce Labs, you are the bridge between regulatory frameworks and cloud-native engineering. You'll join a two-person compliance team, collaborating daily with Security, Engineering, Product, IT, and Legal. You don't just "check boxes"; you audit cloud configurations, validate data flows, and architect the automated guardrails that protect our multi-cloud environment. You will ensure our global compliance posture is rooted in technical reality, turning complex security requirements into scalable, automated infrastructure successes.

Responsibilities:

Cloud Governance & Infrastructure Validation

• Technical Audit & Mapping: Translate SOC 2 and ISO controls into technical requirements for AWS/GCP environments. You will work with Security and Engineering to validate that cloud configurations (IAM roles, S3 bucket policies, encryption at rest/transit) align with our control framework.

• GRC Automation (Vanta): Serve as the compliance team's power user for our GRC platform. You will identify integration owners across the organization and work with them to configure connections between Vanta and our production stack (GitHub, AWS, Okta) so that the platform delivers actionable, reliable data for the compliance team.

Privacy Engineering & Data Sovereignty

• Privacy Management (Transcend): Oversee the Data Subject Request (DSR) process, coordinating with Engineering to ensure timely fulfillment in compliance with GDPR. You will also maintain a dynamic Record of Processing Activity (RoPA) by engaging with teams across Sauce Labs to map data flows across our services.

• Consent Architecture: Partner with Engineering and Marketing Ops to ensure our consent management tooling, including cookie banners and tracking scripts, remains aligned with regional privacy laws.

Security Advocacy & Technical Sales Support

• Technical Trust Center: Lead the technical response for client security questionnaires. You must be able to explain Sauce Labs network architecture, tenant isolation models, and SDLC security controls to sophisticated enterprise security architects.

• Vendor Risk Assessment (VRA): Conduct technical deep dives into third-party vendors. You will evaluate the architectural security of sub-processors, ensuring their data handling practices meet our stringent encryption and residency requirements.

AI Governance & Emerging Tech

• ISO 42001 (AIMS): Operationalize the AI Risk Register by reviewing AI use cases and tracking risk across our AI-driven initiatives. You will ensure compliance with emerging global standards for algorithmic transparency and safety.

• Policy as Code: Assist in developing policies that are practical and relevant to modern CI/CD workflows. Over time, explore opportunities to leverage AI-driven tooling to automate policy enforcement.

Required Skills:

• Experience: 3+ years in Compliance, Security Operations, or Cloud Audit within a high-growth SaaS environment.

• Cloud Literacy: A strong understanding of Cloud Infrastructure (AWS/GCP).

• The Tech Stack: Experience with GRC automation platforms (e.g., Vanta, Drata), privacy management tools (e.g., Transcend, OneTrust), and identity providers (e.g., Okta, Azure AD).

• Framework Fluency: Deep technical knowledge of SOC 2, ISO 27001, and ISO 27701.

• Privacy Operations: Experience managing DSR workflows and maintaining Records of Processing Activity (RoPA) in a GDPR-regulated environment.

• Communication: The ability to have technical conversations with engineers and translate compliance requirements into language that resonates with DevOps and Engineering teams. You will also collaborate with Engineering to work through complex customer inquiries about Sauce Labs products and platforms.

• Working Style: Ability to work autonomously in an asynchronous environment with teammates across time zones, with a high standard for quality and thoroughness.

• Language: Professional fluency in English (C1+) is required and will be evaluated during the interview process.

Location: This is an in-office role based at our Berlin office, with the expectation of being on-site most days.

Please note our privacy terms when applying for a job at Sauce Labs.

Sauce Labs is proud to be an Equal Opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender identity/expression/status, sexual orientation, age, marital status, veteran status or disability status.

Security responsibilities at Sauce

At Sauce, we will commit to supporting the health and safety of employees and properties, partnering with internal stakeholders to learn and act on ever-evolving security protocols and procedures. You’ll be expected to fully comply with all policies and procedures related to security at the department and org wide level and exercise a ‘security first’ approach to how we design, build & run our products and services.