Security and Compliance Manager
Sierra
hackajob is collaborating with Sierra to connect them with exceptional professionals for this role.
About us
At Sierra, we’re creating a platform to help businesses build better, more human customer experiences with AI. We are primarily an in-person company based in San Francisco, with growing offices in Atlanta, New York, London, Paris, Madrid, Munich, Singapore, Japan, and Sydney.
We are guided by a set of values that are at the core of our actions and define our culture: Trust, Customer Obsession, Craftsmanship, Intensity, and Family. These values are the foundation of our work, and we are committed to upholding them in everything we do.
Our co-founders are Bret Taylor and Clay Bavor. Bret currently serves as Board Chair of OpenAI. Previously, he was co-CEO of Salesforce (which had acquired the company he founded, Quip) and CTO of Facebook. Bret was also one of Google's earliest product managers and co-creator of Google Maps. Before founding Sierra, Clay spent 18 years at Google, where he most recently led Google Labs. Earlier, he started and led Google’s AR/VR effort, Project Starline, and Google Lens. Before that, Clay led the product and design teams for Google Workspace.
What you'll do
Own independent audits and regulatory programs including ISO 42001, PCI DSS, NIST 800-53, FedRAMP, HIPAA, and related frameworks.
Drive scope definition, readiness assessments, auditor engagement, remediation planning, and executive level reporting.
Develop a strong working understanding of Sierra’s Conversational AI Platform, model providers, and cloud architecture. Partner with Platform and Agent Engineering to design and operationalize controls across multi cloud environments, infrastructure, inference and data platforms.
Build a centralized and evolving security controls library mapped to compliance, regulatory and customer requirements. Continuously assess control effectiveness, identify gaps, prioritize risk, and drive remediation that strengthens Sierra’s security and compliance posture.
Define and enforce security baselines for cloud infrastructure, containerized workloads, Kubernetes, identity, encryption, logging, and network security controls. Partner with engineering teams to integrate security requirements into configuration and change management.
Design and operate automated compliance workflows using AI, infrastructure as code, and security tooling to reduce manual effort, improve control assurance, and scale with platform evolution.
Who you’ll work with
You will act as a strategic partner to Platform, Product, Agent Development, Legal, and GTM, ensuring security and compliance requirements are embedded into architecture decisions, product roadmaps, and go to market execution while supporting product velocity and technical complexity.
What you’ll bring
8+ years of experience in security compliance or GRC or security adjacent roles within fast growing technology companies.
Deep expertise in security compliance frameworks including ISO 42001, PCI DSS, NIST 800-53, FedRAMP, and similar regulatory environments.
A systems oriented and engineering focused GRC mindset, with the ability to reason about cloud architecture, data flows, and control effectiveness alongside engineers.
Experience owning complex audits and driving risk based remediation across distributed teams.
Hands-on experience with multi-cloud infrastructure (AWS, Azure, GCP).
Strong experience implementing and automating security controls across cloud infrastructure, configuration management, container security, Kubernetes, encryption, identity, and authentication systems.
Ability to clearly communicate compliance requirements internally to engineering teams and externally to customers in a technically credible way.
Relevant certifications such as CISSP, CISA, PCI ISA, ISO 27001 Lead Auditor, or equivalent experience.
Even better...
Experience supporting AI platforms, fintech, healthcare, or other highly regulated environments.
Familiarity with global regulatory environments including GDPR, DORA, the EU AI Act, and emerging security and AI governance requirements across APAC regions.
Experience supporting public sector or FedRAMP aligned environments.
Why join us?
You will operate at the center of AI systems, cloud infrastructure, and global compliance, shaping how security controls are designed and scaled for modern AI platforms. This role offers high ownership, deep technical partnership with engineering, and the opportunity to define what strong GRC looks like at Sierra.
Our values
Trust: We build trust with our customers with our accountability, empathy, quality, and responsiveness. We build trust in AI by making it more accessible, safe, and useful. We build trust with each other by showing up for each other professionally and personally, creating an environment that enables all of us to do our best work.
Customer Obsession: We deeply understand our customers’ business goals and relentlessly focus on driving outcomes, not just technical milestones. Everyone at the company knows and spends time with our customers. When our customer is having an issue, we drop everything and fix it.
Craftsmanship: We get the details right, from the words on the page to the system architecture. We have good taste. When we notice something isn’t right, we take the time to fix it. We are proud of the products we produce. We continuously self-reflect to continuously self-improve.
Intensity: We know we don’t have the luxury of patience. We play to win. We care about our product being the best, and when it isn’t, we fix it. When we fail, we talk about it openly and without blame so we succeed the next time.
Family: We know that balance and intensity are compatible, and we model it in our actions and processes. We are the best technology company for parents. We support and respect each other and celebrate each other’s personal and professional achievements.
What we offer
We want our benefits to reflect our values and offer the following to full-time employees:
Flexible (unlimited) paid time off
Medical, dental, and vision benefits for you and your family
Life insurance and disability benefits
Retirement plan dependent on country of employment
Parental leave
Fertility and family building benefits through Carrot
Lunch, as well as delicious snacks and coffee to keep you energized
Discretionary benefit stipend giving people the ability to spend where it matters most
Free alphorn lessons
These benefits are further detailed in Sierra's policies, may vary by region, and are subject to change at any time, consistent with the terms of any applicable compensation or benefits plans. Eligible full-time employees can participate in Sierra's equity plans subject to the terms of the applicable plans and policies.
Be you, with us
We're working to bring the transformative power of AI to every organization in the world. To do so, it is important to us that the diversity of our employees represents the diversity of our customers. We believe that our work and culture are better when we encourage, support, and respect different skills and experiences represented within our team. We encourage you to apply even if your experience doesn't precisely match the job description. We strive to evaluate all applicants consistently without regard to race, color, religion, gender, national origin, age, disability, veteran status, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
$195k - $205k
...team who work together and help organizations around the world turn their unstructured data into insights instantly. As Security & Compliance Manager , you’ll be responsible for building and managing out our Security and GRC (Governance, Risk and Compliance) program, driving...SuggestedWork at officeFlexible hoursWeekend work$190k - $275k
...— shape how we work and grow as a team. About the Team The Security Engineering team at Decagon protects the platform that powers... ...of security and privacy. About the Role Join Decagon as a Compliance Manager and play a critical role in securing customer trust as we scale...SuggestedFull timeFor contractorsWork at officeLocal area$65 - $85 per hour
...Senior GRC Analyst - Security & Compliance LHH Recruitment Solutions is partnering with a high-growth, cloud-native SaaS organization to... ...Rate: $65-$85/hr (DOE) Key Responsibilities Own and manage the Information Security Management System (ISMS), including...SuggestedHourly payContract workTemporary workWork at officeLocal area$135k - $165k
...company transforming how organizations review, negotiate, and manage contracts. Security, privacy, and trust are foundational to our platform and... ...we are looking for a highly motivated Governance, Risk & Compliance (GRC) Analyst to support and mature Ivo's security...SuggestedContract workFlexible hours$182k - $280k
Kikoff: The Fintech Powering Financial Security at Scale Kikoff is a profitable, pre-IPO... ...Kikoff is seeking a Head of Consumer Compliance to lead and own our consumer protection... ...continuously enhance Kikoff's consumer compliance management system (CMS), including policies,...SuggestedLocal area- ...Francisco seeks a Governance, Risk, and Compliance Analyst for the Department of... ...and vendor evaluations while supporting security training and education programs. The ideal... ...experience in cybersecurity frameworks and risk management. This full-time position offers a...Full time
$135k - $165k
...is seeking a proactive GRC Analyst to join our team in San Francisco. This role will support compliance and risk management initiatives essential for maintaining high security standards. The ideal candidate will have 3-5 years of experience in GRC and relevant qualifications...Contract work- Simile in San Francisco is seeking a Governance, Risk, and Compliance (GRC) Analyst to ensure the integrity of our AI systems. The role revolves around developing security policies, managing compliance, and fostering a culture of security awareness across the company. The...
$150k
...Francisco, CA to support their Governance, Risk, and Compliance program. The role includes managing user access reviews, supporting audits, and leveraging... ...will have 5-7 years of experience in information security or related compliance roles and familiarity with compliance...- Youcom is seeking a GRC Analyst to support the compliance function within our Security, IT, and Privacy team. This role focuses on managing compliance programs across key frameworks like SOC 2 and ISO 27001. The successful candidate will coordinate audit activities, conduct...Flexible hours
- Salesforce.com, inc. is seeking a detail-oriented Security GRC Analyst to join their Security and Compliance team. In this role, you will lead the Unified Audit... ...various frameworks like SOC 2 and HIPAA, while managing evidence collection and liaising with external auditors...
- Ivo is looking for a detail-oriented Governance, Risk & Compliance (GRC) Analyst in San Francisco. The ideal candidate will support compliance programs such as SOC 2 Type II and ISO 27001 while managing audits and risk assessments. This onsite role offers a competitive...
$198k - $368k
...are, join our team. KPMG is currently seeking a Director, Security Compliance to join our Digital Security team. Responsibilities:... ...an environment of innovation and challenging the status quo; manage and review those team members' work product. Contribute to planning...Temporary workH1bLocal area$175k - $210k
...about problem solving, the way we staff our projects and with whom we staff our projects – that’s what makes us Singular. The Compliance Manager is primarily responsible for key business functions of our commercial construction company including risk management,...Contract workFor contractorsFor subcontractorWork at officeLocal areaRelocation- ...Holdings is a holding and investment company that is responsible for managing the assets and the wealth of the Novo Nordisk Foundation. The... .... Position Overview Novo Holdings is seeking a seasoned compliance professional with experience supporting private equity funds and...Work at officeRelocationFlexible hours2 days per week1 day per week
$110.64k - $136.46k
...be assessed during the interview process. About The Role The Compliance Manager, Broker-Dealer & Investment Adviser is an essential member of... ...approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required....Full timeWork at officeLocal area2 days per week3 days per week- Casca is looking for a Security Leader in San Francisco to shape security practices for AI-driven banking solutions. You will build security tooling, manage a team of engineers, and enhance compliance measures. The ideal candidate has over 5 years of experience in security...
- Decagon is looking for a Compliance Manager in San Francisco to enhance customer trust as we expand our services. You'll drive compliance certifications and improve security documentation while coordinating with various teams to address security concerns for enterprise...
- ...Smith Fund, located in San Francisco, is seeking an Application Security Lead to build security tooling and mentor engineers. The role... ...ensuring data privacy and driving customer trust through compliance initiatives like SOC 2 and ISO 27001. Ideal candidates have over...
$255k
...together to build beneficial AI systems. About the role We're seeking an experienced Policy Communications Manager to help drive external communications for our security, governance, and responsible scaling programs, and associated work. This role offers the opportunity to...Visa sponsorship$102k - $159k
...for millions of Americans to achieve more. About the Role The Compliance Advisory team helps the business deliver products and... ...mitigation strategies Participate in discussions with senior management including within strategic priorities, risk assessments, regulatory...Work at officeLocal areaRemote workRelocationFlexible hours$115k - $145k
Clearway Energy Group is seeking a Manager of Regulatory Compliance in San Francisco to assist in the management of the electric regulatory compliance program. This role involves ensuring compliance with NERC and other federal regulations, preparing submissions, and managing...- ...once had to do. What you'll do: Build security tooling & processes that engineers... ...mechanisms for appsec, identity and access management, and threat detection that naturally integrate... ...‑to‑market and legal teams to support compliance and customer‑driven initiatives. Own...
$148.5k - $223.9k
...the future of Salesforce. The Experience Location: Bellevue, San Francisco or McLean. Salesforce is seeking a Manager of Governance, Risk and Compliance Security Automation to lead the design, deployment, and scaling of compliance automation capabilities within Security....$96.3k - $145.2k
...core values at the heart of it all. About the Role The Security GRC (Governance, Risk, and Compliance) Analyst role is part of our Security and Compliance... ...schedules and minimizing duplication across certifications. Manage internal evidence collection by assigning tasks to...Work at office$225k - $300k
...adaptive future. About the Role We’re looking for a hands‑on security and compliance leader with a strong SaaS, AI/ML and data oriented... ...security posture: IAM, VPC and network design, KMS, Secret Manager, Security Command Center, Cloud Logging and detection engineering...Flexible hours$172k - $250k
...Grant Thornton is seeking a Director of Information Security Audit & Compliance to join the team. Approved office locations can be found below.... ...be responsible for establishing global delivery centers, managing internal and external audits, and ensuring the information...InternshipSeasonal workWork at officeLocal areaFlexible hours3 days per week$154k - $231k
...Tuesday. What You’ll Do Validate and verify the organization’s security controls and practices meet the requirements of ISO 27001, 2770... ...requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization...Work at officeLocal areaWork from homeFlexible hours$95k - $130k
LiveRamp is seeking a Security GRC Analyst in San Francisco to support security risk management, compliance, and reporting efforts. You will collaborate closely with various teams to address and mitigate risks while maintaining high compliance standards. The ideal candidate...Remote job$95k - $130k
Overview Security GRC Analyst job at LiveRamp. San Francisco, CA. LiveRamp is the data... ...staying on the forefront of rapidly evolving compliance and privacy requirements. The LiveRamp... ...Compliance in supporting security risk management, security maturity assessments, cloud...Work at officeRemote workWork from homeFlexible hoursNight shift
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security and Compliance Manager. Be the first to apply!
- corporate security manager San Francisco, CA
- security systems manager San Francisco, CA
- security manager San Francisco, CA
- security engineering manager San Francisco, CA
- program manager with security clearance San Francisco, CA
- director information security San Francisco, CA
- director global security San Francisco, CA
- senior director information security San Francisco, CA
- surveillance manager San Francisco, CA
- product security manager San Francisco, CA

