About us
At Sierra, we’re creating a platform to help businesses build better, more human customer experiences with AI. We are primarily an in-person company based in San Francisco, with growing offices in Atlanta, New York, and London.
We are guided by a set of values that are at the core of our actions and define our culture: Trust, Customer Obsession, Craftsmanship, Intensity, and Family. These values are the foundation of our work, and we are committed to upholding them in everything we do.
Our co-founders are Bret Taylor and Clay Bavor. Bret currently serves as Board Chair of OpenAI. Previously, he was co-CEO of Salesforce (which had acquired the company he founded, Quip) and CTO of Facebook. Bret was also one of Google's earliest product managers and co-creator of Google Maps. Before founding Sierra, Clay spent 18 years at Google, where he most recently led Google Labs. Earlier, he started and led Google’s AR/VR effort, Project Starline, and Google Lens. Before that, Clay led the product and design teams for Google Workspace.
What You’ll Do:
Build Third-Party Risk Management (TPRM) program, conducting security assessments, risk evaluations, and ongoing monitoring to ensure vendors meet our trust and compliance standards. Act as the primary liaison for external vendors and collaborate closely with Legal, IT, and Operations to align reviews with business goals.
Enable security to accelerate customer trust by scaling the delivery of security and privacy responses through a repeatable, high-confidence security posture while partnering with Sales and Agent Engineering teams.
Support audit and regulatory readiness across frameworks SOC 2, ISO 27001, HIPAA, and GDPR.
Develop and maintain security policies and procedures that align with evolving industry standards and regulatory requirements. Ensure these policies are accessible, adopted, and embedded into day-to-day operations across teams.
Build a culture of security awareness by designing and executing programs that engage and educate employees on their compliance responsibilities, enabling everyone to play a role in protecting Sierra and our customers.
Integrate security, privacy and responsible AI guardrails into our AI-native stack by working closely with Product and Platform Engineering.
Lead core security initiatives and programs, including data protection, access management, operational resilience and vulnerability management. Bring structure, accountability, and visibility to the initiatives that anchor our security foundations.
Who You’ll Work With:
You’ll collaborate across a wide range of teams including Product, Platform Engineering, Agent Engineering, Legal, Operations, Sales, and GTM to embed security and compliance across our tech stack. Your role bridges technical execution, business momentum, and evolving regulatory demands ensuring our trust posture scales with both innovation and expectation.
What You’ll Bring:
Deep expertise in security and privacy frameworks such as SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and CCPA and the intuition and rigor to apply them with flexibility in dynamic, high-growth environments.
A strong grasp of security and privacy first principles, and the ability to strategically apply them to rapidly evolving architectures especially in AI-native and data-rich environments.
Proven ownership of security programs from running audits and vendor reviews to managing policy, awareness, and core security and compliance initiatives with cross-functional accountability.
Strong communication and influence skills, with the ability to translate regulatory requirements into clear, actionable guidance for technical and business stakeholders alike.
5–9+ years of experience in security, compliance, or risk roles, ideally in product-led, fast-paced tech companies where ambiguity is the norm and velocity is expected.
Certifications such as CISSP, CISA, CRISC, PCI ISA, or ISO 27001 Lead Auditor that reflect a commitment to continuous learning and deep domain credibility.
Even Better...
Experience operating in regulated and high-trust sectors such as tech, fintech, healthcare, or AI especially where customer expectations around privacy, compliance, and transparency are high.
A background in customer-facing security roles, managing third-party security reviews, responding to due diligence requests, and supporting enterprise deal cycles.
Hands-on cloud security knowledge (AWS, Azure, GCP) and familiarity with compliance automation tools that help scale GRC in a fast-paced environment.
Working knowledge of core security domains including Identity & Access Management, Product Security, Data Security, and Infrastructure Security.
Familiarity with emerging global regulations such as DORA, and the EU AI Act, and an eagerness to stay ahead of evolving compliance landscapes.
A Bachelor’s or Master’s degree in Information Security, Computer Science, Information Management, or a related technical or risk-focused field.
Why Join Us?
You’ll be at the intersection of technology, security compliance, and AI innovation helping to shape how trust is built in one of the fastest-moving fields today. At Sierra, we learn fast, move faster, and believe that compliance should unlock possibility. If you're energized by ambiguity, excited to build from first principles, and motivated to turn security into a strategic advantage, this role is for you.
Our values
Trust: We build trust with our customers with our accountability, empathy, quality, and responsiveness. We build trust in AI by making it more accessible, safe, and useful. We build trust with each other by showing up for each other professionally and personally, creating an environment that enables all of us to do our best work.
Customer Obsession: We deeply understand our customers’ business goals and relentlessly focus on driving outcomes, not just technical milestones. Everyone at the company knows and spends time with our customers. When our customer is having an issue, we drop everything and fix it.
Craftsmanship: We get the details right, from the words on the page to the system architecture. We have good taste. When we notice something isn’t right, we take the time to fix it. We are proud of the products we produce. We continuously self-reflect to continuously self-improve.
Intensity: We know we don’t have the luxury of patience. We play to win. We care about our product being the best, and when it isn’t, we fix it. When we fail, we talk about it openly and without blame so we succeed the next time.
Family: We know that balance and intensity are compatible, and we model it in our actions and processes. We are the best technology company for parents. We support and respect each other and celebrate each other’s personal and professional achievements.
What we offer
We want our benefits to reflect our values and offer the following to full-time employees:
Flexible (Unlimited) Paid Time Off
Medical, Dental, and Vision benefits for you and your family
Life Insurance and Disability Benefits
Retirement Plan (e.g., 401K, pension) with Sierra match
Parental Leave
Fertility and family building benefits through Carrot
Lunch, as well as delicious snacks and coffee to keep you energized
Discretionary Benefit Stipend giving people the ability to spend where it matters most
Free alphorn lessons
These benefits are further detailed in Sierra's policies and are subject to change at any time, consistent with the terms of any applicable compensation or benefits plans. Eligible full-time employees can participate in Sierra's equity plans subject to the terms of the applicable plans and policies.
Be you, with us
We're working to bring the transformative power of AI to every organization in the world. To do so, it is important to us that the diversity of our employees represents the diversity of our customers. We believe that our work and culture are better when we encourage, support, and respect different skills and experiences represented within our team. We encourage you to apply even if your experience doesn't precisely match the job description. We strive to evaluate all applicants consistently without regard to race, color, religion, gender, national origin, age, disability, veteran status, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
