Security and Compliance Manager
Colorwave Inc
What You'll Do
Own independent audits and regulatory programs including ISO 42001, PCI DSS, NIST 800-53, FedRAMP, HIPAA, and related frameworks.
Drive scope definition, readiness assessments, auditor engagement, remediation planning, and executive level reporting.
Develop a strong working understanding of Sierra's Conversational AI Platform, model providers, and cloud architecture. Partner with Platform and Agent Engineering to design and operationalize controls across multi cloud environments, infrastructure, inference and data platforms.
Build a centralized and evolving security controls library mapped to compliance, regulatory and customer requirements. Continuously assess control effectiveness, identify gaps, prioritize risk, and drive remediation that strengthens Sierra's security and compliance posture.
Define and enforce security baselines for cloud infrastructure, containerized workloads, Kubernetes, identity, encryption, logging, and network security controls. Partner with engineering teams to integrate security requirements into configuration and change management.
Design and operate automated compliance workflows using AI, infrastructure as code, and security tooling to reduce manual effort, improve control assurance, and scale with platform evolution.
What You'll Bring
8+ years of experience in security compliance or GRC or security adjacent roles within fast growing technology companies.
Deep expertise in security compliance frameworks including ISO 42001, PCI DSS, NIST 800-53, FedRAMP, and similar regulatory environments.
A systems oriented and engineering focused GRC mindset, with the ability to reason about cloud architecture, data flows, and control effectiveness alongside engineers.
Experience owning complex audits and driving risk based remediation across distributed teams.
Hands-on experience with multi-cloud infrastructure (AWS, Azure, GCP).
Strong experience implementing and automating security controls across cloud infrastructure, configuration management, container security, Kubernetes, encryption, identity, and authentication systems.
Ability to clearly communicate compliance requirements internally to engineering teams and externally to customers in a technically credible way.
Relevant certifications such as CISSP, CISA, PCI ISA, ISO 27001 Lead Auditor, or equivalent experience.
Even Better...
Experience supporting AI platforms, fintech, healthcare, or other highly regulated environments.
Familiarity with global regulatory environments including GDPR, DORA, the EU AI Act, and emerging security and AI governance requirements across APAC regions.
Experience supporting public sector or FedRAMP aligned environments.
Why Join Us?
You will operate at the center of AI systems, cloud infrastructure, and global compliance, shaping how security controls are designed and scaled for modern AI platforms. This role offers high ownership, deep technical partnership with engineering, and the opportunity to define what strong GRC looks like at Sierra.
Our Values
Trust: We build trust with our customers with our accountability, empathy, quality, and responsiveness. We build trust in AI by making it more accessible, safe, and useful. We build trust with each other by showing up for each other professionally and personally, creating an environment that enables all of us to do our best work.
Customer Obsession: We deeply understand our customers' business goals and relentlessly focus on driving outcomes, not just technical milestones. Everyone at the company knows and spends time with our customers. When our customer is having an issue, we drop everything and fix it.
Craftsmanship: We get the details right, from the words on the page to the system architecture. We have good taste. When we notice something isn't right, we take the time to fix it. We are proud of the products we produce. We continuously self-reflect to continuously self-improve.
Intensity: We know we don't have the luxury of patience. We play to win. We care about our product being the best, and when it isn't, we fix it. When we fail, we talk about it openly and without blame so we succeed the next time.
Family: We know that balance and intensity are compatible, and we model it in our actions and processes. We are the best technology company for parents. We support and respect each other and celebrate each other's personal and professional achievements.
What We Offer
We want our benefits to reflect our values and offer the following to full-time employees:
Flexible (unlimited) paid time off
Medical, dental, and vision benefits for you and your family
Life insurance and disability benefits
Retirement plan dependent on country of employment
Parental leave
Fertility and family building benefits through Carrot
Lunch, as well as delicious snacks and coffee to keep you energized
Discretionary benefit stipend giving people the ability to spend where it matters most
Free alphorn lessons
These benefits are further detailed in Sierra's policies, may vary by region, and are subject to change at any time, consistent with the terms of any applicable compensation or benefits plans. Eligible full-time employees can participate in Sierra's equity plans subject to the terms of the applicable plans and policies.
Be You, With Us
We're working to bring the transformative power of AI to every organization in the world. To do so, it is important to us that the diversity of our employees represents the diversity of our customers. We believe that our work and culture are better when we encourage, support, and respect different skills and experiences represented within our team. We encourage you to apply even if your experience doesn't precisely match the job description. We strive to evaluate all applicants consistently without regard to race, color, religion, gender, national origin, age, disability, veteran status, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
- ...Facebook. Bret was also one of Google's earliest product managers and co-creator of Google Maps. Before founding Sierra... ...data platforms. Build a centralized and evolving security controls library mapped to compliance, regulatory and customer requirements. Continuously...SuggestedFull timeFlexible hours
$140k - $180k
...Security Compliance Manager We are looking for a highly motivated Security Compliance Manager with a deep security and compliance background to lead system development and process improvement. As part of Hive's Security Team, you will collaborate with engineers and...Suggested$195k - $205k
...team who work together and help organizations around the world turn their unstructured data into insights instantly. As Security & Compliance Manager , you’ll be responsible for building and managing out our Security and GRC (Governance, Risk and Compliance) program, driving...SuggestedWork at officeFlexible hoursWeekend work$190k - $275k
...— shape how we work and grow as a team. About the Team The Security Engineering team at Decagon protects the platform that powers... ...of security and privacy. About the Role Join Decagon as a Compliance Manager and play a critical role in securing customer trust as we scale...SuggestedFull timeFor contractorsWork at officeLocal area$134k - $202k
...builders move from idea to production with speed, security, and exceptional developer experience. Now,... ...for a GRC Analyst to join our Governance, Risk & Compliance (GRC) team. You will have the opportunity to manage and maintain ongoing compliance with security and...SuggestedWork at officeRemote workWork from homeWorldwideMonday to FridayFlexible hours$65 - $85 per hour
...Senior GRC Analyst – Security & Compliance LHH Recruitment Solutions is partnering with a high-growth, cloud-native SaaS organization to identify... ...: $65–$85/hr (DOE) Key Responsibilities Own and manage the Information Security Management System (ISMS), including...Contract workTemporary workWork at officeLocal area$182k - $280k
Kikoff: The Fintech Powering Financial Security at Scale Kikoff is a profitable, pre-IPO... ...Kikoff is seeking a Head of Consumer Compliance to lead and own our consumer protection... ...continuously enhance Kikoff's consumer compliance management system (CMS), including policies,...Local area$135k - $165k
...is seeking a proactive GRC Analyst to join our team in San Francisco. This role will support compliance and risk management initiatives essential for maintaining high security standards. The ideal candidate will have 3-5 years of experience in GRC and relevant qualifications...Contract work$135k - $165k
...company transforming how organizations review, negotiate, and manage contracts. Security, privacy, and trust are foundational to our platform and... ...we are looking for a highly motivated Governance, Risk & Compliance (GRC) Analyst to support and mature Ivo's security...Contract workFlexible hours- Salesforce.com, inc. is seeking a detail-oriented Security GRC Analyst to join their Security and Compliance team. In this role, you will lead the Unified Audit... ...various frameworks like SOC 2 and HIPAA, while managing evidence collection and liaising with external auditors...
- Youcom is seeking a GRC Analyst to support the compliance function within our Security, IT, and Privacy team. This role focuses on managing compliance programs across key frameworks like SOC 2 and ISO 27001. The successful candidate will coordinate audit activities, conduct...Flexible hours
- Simile in San Francisco is seeking a Governance, Risk, and Compliance (GRC) Analyst to ensure the integrity of our AI systems. The role revolves around developing security policies, managing compliance, and fostering a culture of security awareness across the company. The...
- Ivo is looking for a detail-oriented Governance, Risk & Compliance (GRC) Analyst in San Francisco. The ideal candidate will support compliance programs such as SOC 2 Type II and ISO 27001 while managing audits and risk assessments. This onsite role offers a competitive...
$216k - $252k
About The Team Governance, Risk, and Compliance (GRC) is foundational to Security delivering mission outcomes at OpenAI. The GRC team provides security assurances and builds compliance for OpenAI’s technology, people, and products. We are technical in what we build but...$198k - $368k
...are, join our team. KPMG is currently seeking a Director, Security Compliance to join our Digital Security team. Responsibilities:... ...an environment of innovation and challenging the status quo; manage and review those team members' work product. Contribute to planning...Temporary workH1bLocal area$175k - $210k
...about problem solving, the way we staff our projects and with whom we staff our projects – that’s what makes us Singular. The Compliance Manager is primarily responsible for key business functions of our commercial construction company including risk management,...Contract workFor contractorsFor subcontractorWork at officeLocal areaRelocation$110.64k - $136.46k
...be assessed during the interview process. About The Role The Compliance Manager, Broker-Dealer & Investment Adviser is an essential member of... ...approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required....Full timeWork at officeLocal area2 days per week3 days per week- Casca is looking for a Security Leader in San Francisco to shape security practices for AI-driven banking solutions. You will build security tooling, manage a team of engineers, and enhance compliance measures. The ideal candidate has over 5 years of experience in security...
$99k - $252.45k
...with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In business... ...you will assess the client’s approach for ERP security, business process and IT General Controls, while...H1b- Decagon is looking for a Compliance Manager in San Francisco to enhance customer trust as we expand our services. You'll drive compliance certifications and improve security documentation while coordinating with various teams to address security concerns for enterprise...
$255k
...together to build beneficial AI systems. About the role We're seeking an experienced Policy Communications Manager to help drive external communications for our security, governance, and responsible scaling programs, and associated work. This role offers the opportunity to...Visa sponsorship$265k - $295k
...our users and for society as a whole. About The Role We’re seeking an experienced Policy Communications Manager to help drive external communications for our security, governance, and responsible scaling programs, and associated work. This role offers the opportunity to...Visa sponsorship$115k - $145k
Clearway Energy Group is seeking a Manager of Regulatory Compliance in San Francisco to assist in the management of the electric regulatory compliance program. This role involves ensuring compliance with NERC and other federal regulations, preparing submissions, and managing...$120k - $190k
Airwallex is seeking a Manager of Regulatory Compliance in San Francisco to deliver on the regulatory engagement strategy for the US. In this newly created role, you'll manage licensing processes and ensure compliance with US regulations, working closely with internal...$225k - $300k
...adaptive future. About the Role We’re looking for a hands‑on security and compliance leader with a strong SaaS, AI/ML and data oriented... ...security posture: IAM, VPC and network design, KMS, Secret Manager, Security Command Center, Cloud Logging and detection engineering...Flexible hours- ...once had to do. What you'll do: Build security tooling & processes that engineers... ...mechanisms for appsec, identity and access management, and threat detection that naturally integrate... ...‑to‑market and legal teams to support compliance and customer‑driven initiatives. Own...
$330k - $410k
...Who are we? Cohere is the leading security‑first enterprise AI company. We build cutting‑edge foundation AI models and end‑to‑end products... ...opportunities. Provide recommendations to executive management based on both financial and strategic implications of investment...Full timeContract workWork at officeLocal areaRemote workHome office$96.3k - $145.2k
...core values at the heart of it all. Experience The Security GRC Analyst role is part of our Security and Compliance team, sitting at the intersection of internal... ...coordinating schedules and minimizing duplication. Manage internal evidence collection by assigning tasks...Work at office- ...individual apps. With our infrastructure, any application can spin out as its own SVM blockchain (rollup) without increasing its security risk. The Role Our full-time Head of Strategy will be responsible for shaping and executing our strategic direction to drive growth...Remote jobFull time
$180k - $220k
...products that help builders move from idea to production with speed, security, and exceptional developer experience. Now, software is... ...comes next. About the Role: We are hiring a Strategic Finance Manager, Product (EPD) to partner with Engineering and Product to drive...Work from homeWorldwideFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security and Compliance Manager. Be the first to apply!
- corporate security manager San Francisco, CA
- security systems manager San Francisco, CA
- security manager San Francisco, CA
- security engineering manager San Francisco, CA
- director information security San Francisco, CA
- director global security San Francisco, CA
- surveillance manager San Francisco, CA
- security operations manager San Francisco, CA
- physical security manager San Francisco, CA
- regulatory affairs director San Francisco, CA


