Security Compliance Analyst
At Scale, we are driving the future of AI and Machine Learning across a variety of industries. As the Security Compliance Analyst, you will play a pivotal role in the continued success of Scale. Your role will be instrumental in ensuring the effective operation of our Security and Compliance departments, allowing us to maintain the highest standards in our industry.
Reporting into the Security Compliance team, you will be working cross functionality with all teams within the Security department, including Product Security, Security Operations, Infrastructure Security, as well as partner teams such as Legal, HR, and Operations. You will also support both our Commercial and Public Sector business, ensuring that our security and compliance measures meet the specific needs of these different sectors.
Location: San Francisco (2-3x per week in office)
You Will:
- Help create, maintain, and improve security compliance initiatives (SOC 2, FedRAMP, ISO 27001).
- Collaborate with product, engineering, operations, people operations, and legal to implement new technical, administrative, and operational controls.
- Work with the go-to-market team on customer security due diligence, including security questionnaires and resolving current or prospective compliance requests. Furthermore, working on our GRC tool to ensure our Trust Center is up to date.
- Design, manage, and iterate on compliance initiatives across our remote worker network and business process outsourcing partners.
- Develop and provide training to improve the security awareness and knowledge for all employees and contractors.
- Conduct and initiate quarterly user access reviews over critical applications to ensure privileged access remains up to date.
- Assist with internal and external security audits.
Ideally, You’d have:
- 3-5 years of related work experience in Information Security Governance, Risk and Compliance (GRC) or relevant Compliance roles in the tech industry. Big 4 consulting experience is a plus.
- Prior experience assessing or auditing cloud environments (AWS, Azure, and GCP), performing compliance assessments, conducting risk assessments and/or driving audits like SOX, ISO, SOC, PCI DSS.
- Experience in security and compliance in a role that required cross-departmental collaboration.
- An action-oriented mindset, balancing creative problem-solving with a strong drive to achieve outcomes.
- Ability to learn, understand, and work with new emerging technologies, methodologies, and solutions in the Cloud/IT technology space.
- Strong analytical, communication (verbal and written), and project management skills.
- Experience leading day-to-day activities, improving processes, and owning outcomes.
- Certification preferred in one or more of the following: CISA, CISSP, CISM, Cloud platforms such as AWS, Azure or GCP.
Nice to haves:
- Experience in a high-growth technology company.
- Experience applying AI or Machine Learning.
- Previous work as a security consultant or Big 4 consulting.
Note this role must be based within the continental United States and requires current US Citizenship to support Scale’s Public Sector business.
Compensation packages at Scale for eligible roles include base salary, equity, and benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position, determined by work location and additional factors, including job-related skills, experience, interview performance, and relevant education or training. Scale employees in eligible roles are also granted equity based compensation, subject to Board of Director approval. Your recruiter can share more about the specific salary range for your preferred location during the hiring process, and confirm whether the hired role will be eligible for equity grant. You’ll also receive benefits including, but not limited to: Comprehensive health, dental and vision coverage, retirement benefits, a learning and development stipend, and generous PTO. Additionally, this role may be eligible for additional benefits such as a commuter stipend.
PLEASE NOTE: Our policy requires a 90-day waiting period before reconsidering candidates for the same role. This allows us to ensure a fair and thorough evaluation of all applicants.
About Us:
At Scale, we believe that the transition from traditional software to AI is one of the most important shifts of our time. Our mission is to make that happen faster across every industry, and our team is transforming how organizations build and deploy AI. Our products power the world's most advanced LLMs, generative models, and computer vision models. We are trusted by generative AI companies such as OpenAI, Meta, and Microsoft, government agencies like the U.S. Army and U.S. Air Force, and enterprises including GM and Accenture. We are expanding our team to accelerate the development of AI applications.
We believe that everyone should be able to bring their whole selves to work, which is why we are proud to be an affirmative action employer and inclusive and equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability status, gender identity or Veteran status.
We are committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities. If you need assistance and/or a reasonable accommodation in the application or recruiting process due to a disability, please contact us at accommodations@scale.com. Please see the United States Department of Labor's Know Your Rights poster for additional information.
We comply with the United States Department of Labor's Pay Transparency provision.
PLEASE NOTE: We collect, retain and use personal data for our professional business purposes, including notifying you of job opportunities that may be of interest and sharing with our affiliates. We limit the personal data we collect to that which we believe is appropriate and necessary to manage applicants’ needs, provide our services, and comply with applicable laws. Any information we collect in connection with your application will be treated in accordance with our internal policies and programs designed to protect personal data. Please see our privacy policy for additional information.