Sierra
Governance, Risk, & Compliance Lead
Sierra, San Francisco, California, United States, 94199
About Us:
At Sierra, we’re building a platform to enable every company in the world to build their own autonomous AI agents for everything from customer service to commerce. We are primarily an in-person company based in San Francisco.
We are guided by a set of values that are at the core of our actions and define our culture: Trust, Customer Obsession, Craftsmanship, Competitive Intensity, and Family. These values are the foundation of our work, and we are committed to upholding them in everything we do.
Our co-founders are
Bret Taylor
and
Clay Bavor . Bret was most recently co-CEO of Salesforce, which had previously acquired the company he founded, Quip. Before founding Quip, Bret was the CTO of Facebook. Bret was one of Google's earliest product managers and one of the co-creators of Google Maps. Bret currently serves as Board Chair of OpenAI. Before founding Sierra, Clay spent 18 years at Google, where he most recently led Google Labs. Earlier, he started and led Google’s AR/VR effort, Project Starline, and Google Lens. Before that, Clay led the product and design teams for Google Workspace.
What You'll Do:
Lead GRC Initiatives:
As our first dedicated GRC hire, you’ll oversee and manage Sierra's compliance program, ensuring adherence to compliance frameworks and relevant privacy laws such as SOC 2, ISO 27001, HIPAA, GDPR, and CCPA. By leading risk management initiatives, you’ll drive risk reduction across Sierra. You’ll work with third party auditors to conduct regular audits and assessments to ensure compliance with regulatory requirements and internal policies.
Foster a Culture of Security:
Collaborate closely with engineering and cross-functional teams to develop and maintain a robust InfoSec program. Lead training and awareness programs to promote a culture of security and compliance across the company.
Enable Business Goals:
Drive business for Sierra in the enterprise and regulated industries by operationalizing processes like security questionnaire handling and vendor procurement. You’ll implement effective strategies and controls to ensure compliance and security measures align with business objectives. As part of enabling enterprise deals, you’ll collaborate with customers to understand their unique security needs and ensure Sierra’s solutions meet or exceed their compliance requirements.
Work at the Frontier of AI:
Work closely with cross-functional teams to develop robust and innovative privacy and security solutions when using large language models and other cutting-edge AI technologies. Monitor and respond to emerging security threats and regulatory changes, advising the organization on necessary actions, especially as it relates to AI.
What You'll Bring:
Strong knowledge of regulatory frameworks and privacy laws such as SOC 2, ISO 27001, HIPAA, GDPR, and CCPA.
5-7+ years of experience in a GRC role, preferably within a technology company with enterprise customers
Experience with risk management, compliance audits, and security assessments, with a track record of implementing pragmatic and effective controls.
Technical expertise with the ability to evaluate and address InfoSec and cyber security risks and issues and translate them into effective, pragmatic controls and solutions.
Excellent communication and interpersonal skills, with the ability to work collaboratively with cross-functional teams.
Even better...
Experience with AI and machine learning technologies, working on GRC at an AI company, or working with customers in regulated industries (e.g. healthcare, finance).
Bachelor's degree in Information Security, Cybersecurity, Computer Science, a related field, or equivalent professional experience.
Familiarity with data privacy laws and regulations in multiple jurisdictions.
Our Values:
Trust:
We build trust with our customers with our accountability, empathy, quality, and responsiveness. We build trust in AI by making it more accessible, safe, and useful. We build trust with each other by showing up for each other professionally and personally, creating an environment that enables all of us to do our best work.
Customer Obsession:
We deeply understand our customers’ business goals and relentlessly focus on driving outcomes, not just technical milestones. Everyone at the company knows and spends time with our customers. When our customer is having an issue, we drop everything and fix it.
Craftsmanship:
We get the details right, from the words on the page to the system architecture. We have good taste. When we notice something isn’t right, we take the time to fix it. We are proud of the products we produce. We continuously self-reflect to continuously self-improve.
Intensity:
We know we don’t have the luxury of patience. We play to win. We care about our product being the best, and when it isn’t, we fix it. When we fail, we talk about it openly and without blame so we succeed the next time.
Family:
We know that balance and intensity are compatible, and we model it in our actions and processes. We are the best technology company for parents. We support and respect each other and celebrate each other’s personal and professional achievements.
What We Offer:
We want our benefits to reflect our values, including:Flexible (Unlimited) Paid Time Off
Medical, Dental, and Vision benefits for you and your family
Life Insurance and Disability Benefits
401k Plan with Sierra match
Parental Leave
Fertility and Family Building Benefits through Carrot
Lunch, as well as delicious snacks and coffee to keep you energized
Discretionary Benefit Stipend giving people the ability to spend where it matters most
These benefits are further detailed in Sierra's policies and are subject to change at any time, consistent with the terms of any applicable compensation or benefits plans. Eligible full-time employees can participate in Sierra's equity plans subject to the terms of the applicable plans and policies.Be You, With Us:
We're working to bring the transformative power of AI to every organization in the world. To do so, it is important to us that the diversity of our employees represents the diversity of our customers. We believe that our work and culture are better when we encourage, support, and respect different skills and experiences represented within our team. We encourage you to apply even if your experience doesn't precisely match the job description. We strive to evaluate all applicants consistently without regard to race, color, religion, gender, national origin, age, disability, veteran status, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
#J-18808-Ljbffr
At Sierra, we’re building a platform to enable every company in the world to build their own autonomous AI agents for everything from customer service to commerce. We are primarily an in-person company based in San Francisco.
We are guided by a set of values that are at the core of our actions and define our culture: Trust, Customer Obsession, Craftsmanship, Competitive Intensity, and Family. These values are the foundation of our work, and we are committed to upholding them in everything we do.
Our co-founders are
Bret Taylor
and
Clay Bavor . Bret was most recently co-CEO of Salesforce, which had previously acquired the company he founded, Quip. Before founding Quip, Bret was the CTO of Facebook. Bret was one of Google's earliest product managers and one of the co-creators of Google Maps. Bret currently serves as Board Chair of OpenAI. Before founding Sierra, Clay spent 18 years at Google, where he most recently led Google Labs. Earlier, he started and led Google’s AR/VR effort, Project Starline, and Google Lens. Before that, Clay led the product and design teams for Google Workspace.
What You'll Do:
Lead GRC Initiatives:
As our first dedicated GRC hire, you’ll oversee and manage Sierra's compliance program, ensuring adherence to compliance frameworks and relevant privacy laws such as SOC 2, ISO 27001, HIPAA, GDPR, and CCPA. By leading risk management initiatives, you’ll drive risk reduction across Sierra. You’ll work with third party auditors to conduct regular audits and assessments to ensure compliance with regulatory requirements and internal policies.
Foster a Culture of Security:
Collaborate closely with engineering and cross-functional teams to develop and maintain a robust InfoSec program. Lead training and awareness programs to promote a culture of security and compliance across the company.
Enable Business Goals:
Drive business for Sierra in the enterprise and regulated industries by operationalizing processes like security questionnaire handling and vendor procurement. You’ll implement effective strategies and controls to ensure compliance and security measures align with business objectives. As part of enabling enterprise deals, you’ll collaborate with customers to understand their unique security needs and ensure Sierra’s solutions meet or exceed their compliance requirements.
Work at the Frontier of AI:
Work closely with cross-functional teams to develop robust and innovative privacy and security solutions when using large language models and other cutting-edge AI technologies. Monitor and respond to emerging security threats and regulatory changes, advising the organization on necessary actions, especially as it relates to AI.
What You'll Bring:
Strong knowledge of regulatory frameworks and privacy laws such as SOC 2, ISO 27001, HIPAA, GDPR, and CCPA.
5-7+ years of experience in a GRC role, preferably within a technology company with enterprise customers
Experience with risk management, compliance audits, and security assessments, with a track record of implementing pragmatic and effective controls.
Technical expertise with the ability to evaluate and address InfoSec and cyber security risks and issues and translate them into effective, pragmatic controls and solutions.
Excellent communication and interpersonal skills, with the ability to work collaboratively with cross-functional teams.
Even better...
Experience with AI and machine learning technologies, working on GRC at an AI company, or working with customers in regulated industries (e.g. healthcare, finance).
Bachelor's degree in Information Security, Cybersecurity, Computer Science, a related field, or equivalent professional experience.
Familiarity with data privacy laws and regulations in multiple jurisdictions.
Our Values:
Trust:
We build trust with our customers with our accountability, empathy, quality, and responsiveness. We build trust in AI by making it more accessible, safe, and useful. We build trust with each other by showing up for each other professionally and personally, creating an environment that enables all of us to do our best work.
Customer Obsession:
We deeply understand our customers’ business goals and relentlessly focus on driving outcomes, not just technical milestones. Everyone at the company knows and spends time with our customers. When our customer is having an issue, we drop everything and fix it.
Craftsmanship:
We get the details right, from the words on the page to the system architecture. We have good taste. When we notice something isn’t right, we take the time to fix it. We are proud of the products we produce. We continuously self-reflect to continuously self-improve.
Intensity:
We know we don’t have the luxury of patience. We play to win. We care about our product being the best, and when it isn’t, we fix it. When we fail, we talk about it openly and without blame so we succeed the next time.
Family:
We know that balance and intensity are compatible, and we model it in our actions and processes. We are the best technology company for parents. We support and respect each other and celebrate each other’s personal and professional achievements.
What We Offer:
We want our benefits to reflect our values, including:Flexible (Unlimited) Paid Time Off
Medical, Dental, and Vision benefits for you and your family
Life Insurance and Disability Benefits
401k Plan with Sierra match
Parental Leave
Fertility and Family Building Benefits through Carrot
Lunch, as well as delicious snacks and coffee to keep you energized
Discretionary Benefit Stipend giving people the ability to spend where it matters most
These benefits are further detailed in Sierra's policies and are subject to change at any time, consistent with the terms of any applicable compensation or benefits plans. Eligible full-time employees can participate in Sierra's equity plans subject to the terms of the applicable plans and policies.Be You, With Us:
We're working to bring the transformative power of AI to every organization in the world. To do so, it is important to us that the diversity of our employees represents the diversity of our customers. We believe that our work and culture are better when we encourage, support, and respect different skills and experiences represented within our team. We encourage you to apply even if your experience doesn't precisely match the job description. We strive to evaluate all applicants consistently without regard to race, color, religion, gender, national origin, age, disability, veteran status, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
#J-18808-Ljbffr