QA Compliance Lead – Developer Productivity

5 - 10 years
Quality Assurance
Full Time
United States
San Francisco, CA
November 11, 2019

The role of the compliance lead is to make compliance an integral part of the software development process at MuleSoft. The ideal candidate will have a background in quality or developer productivity and will have the ability to analyze complex requirements and build tooling that makes compliance easy, transparent, and exception-based.

We’re looking at this problem in a different way, seeking to make compliance an inside-out and proactive activity rather than something that is bolted on or managed from outside Engineering.


  • Shape and instrument our software development processes to maximize our ability to continuously deliver applications that are demonstrably compliant with applicable regulations and frameworks.
  • Gather and implement requirements from internal and external compliance stakeholders. Create partnerships with internal auditors to reduce workload and increase clarity.
  • Work with security and IT teams to build procedures to onboard and give permissions to users with the proper level of audit and approval.
  • Implement a role-based permission model across key applications in the Software Delivery pipeline to improve auditability and reduce management overhead.
  • Build automation that continuously audits systems for potential or actual violations of Segregation of Duties (SoD) in our source code, build and deployment systems.
  • Automate continuous collection of evidence for external stakeholders, including customers.
  • Integrate all third-party SaaS providers with internal identity providers to maintain user base integrity, as well as correct permissions.
  • Define requirements for tooling and process across the shared services teams to make compliance with GDPR, FedRAMP, and other regulations safe, automated, auditable, and friction-free.
  • Identify, select and configure third-party tools to assist with compliance activities as needed.
  • Participate in compliance audits and other information distribution sessions as necessary.
  • Define skill sets, create job descriptions and evaluate new hires.


  • 5+ years quality or developer productivity experience with a distinguished track record of driving outcomes for Engineering teams.
  • Good understanding of FedRAMP, SOX, SOC2, ISO 27001, GDPR and how they affect a Software Engineering organization.
  • Solid understanding of common compliance frameworks such as COBIT, COSO, ISO 27K, HITRUST, and industry-recognized guidance such as NIST.
  • Ability to motivate people, instill accountability and achieve results.
  • Ability to communicate with data, creating compelling calls to action through analysis and reporting.
  • Agile, proactive, comfortable working with ambiguous specifications, and able to prioritize on the fly.
  • Excellent written and verbal communication skills, documentation of knowledge, mentoring ability, and comfort interacting with all levels of management.
  • Master's/Bachelor's degree in Computer Science, Software Engineering, or equivalent experience.

Posting Statement and are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. and do not accept unsolicited headhunter and agency resumes. and will not pay fees to any third-party agency or company that does not have a signed agreement with or
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
