Cresta Logo

Cresta

Compliance Analyst

Posted Yesterday
Remote
Hiring Remotely in United States
160K-180K Annually
Mid level
Remote
Hiring Remotely in United States
160K-180K Annually
Mid level
Lead customer-facing security reviews, perform risk and gap assessments, manage external audits (SOC 2, ISO, PCI, HIPAA, FedRAMP, etc.), run internal audits and security training, improve vendor risk management and compliance metrics, build/automate controls and respond to RFIs to support sales.
The summary above was generated by AI

Cresta unlocks the true potential of the customer experience, turning every conversation into a competitive advantage. Cresta’s unified AI platform combines conversational AI agents, real-time human agent augmentation, and comprehensive conversation intelligence to drive revenue and efficiency gains across every channel. The world’s leading companies, including United Airlines, Cox Communications, and Marriott, use Cresta to power world-class customer experiences every day. 

Born from the Stanford AI Lab, Cresta has raised more than $270 million from the world’s leading investors, including a16z, Greylock, and Sequoia. Cresta’s leadership includes some of the leading minds in AI today. Our CEO, Ping Wu, founded and led Google's Contact Center AI and Vertex AI platforms before joining Cresta to build the future of AI-driven customer experiences.

Over the next few years, AI is going to redefine how people all over the world interact with businesses every day. Come build that future at Cresta.

Cresta is on a mission to turn every customer conversation into a competitive advantage by unlocking the true potential of the contact center. Our platform combines the best of AI and human intelligence to help contact centers discover customer insights and behavioral best practices, automate conversations and inefficient processes, and empower every team member to work smarter and faster. Born from the prestigious Stanford AI lab, Cresta's co-founder and chairman is Sebastian Thrun, the genius behind Google X, Waymo, Udacity, and more. Our leadership also includes CEO, Ping Wu, the co-founder of Google Contact Center AI and Vertex AI platform, and co-founder, Tim Shi, an early member of Open AI.
 
We’ve assembled a world-class team of AI and ML experts, go-to-market leaders, and top-tier investors including Andreessen Horowitz, Greylock Partners, Sequoia, and former AT&T CEO John Donovan. Our valued customers include brands like Intuit, Cox Communications, Hilton, and Carmax and we’ve been recognized by Forbes and Bain Consulting as one of the top private AI companies in the world.
 
Join us on this thrilling journey to revolutionize the workforce with AI. The future of work is here, and it's at Cresta.
About the role:

Interested in defining how AI shapes the future of work? Cresta is on a mission to make every knowledge worker 100x as effective, 10x faster and 10x better. Cresta is focused on using AI to help the workforce, not replace them. Cresta uses our patented Expertise AI to uncover expert insights from every conversation and put those insights into action with real-time coaching during customer conversations. We’re growing fast! Spun out of the Stanford AI lab and chaired by Google-X founder Sebastian Thrun, Cresta launched in 2020. Since then, we’ve grown revenue and our team by 300%! We’ve assembled a world-class team of AI and ML experts, go-to-market leaders, and top-tier investors and advisors including Andreessen Horowitz, Greylock Partners, Sequoia, and former AT&T CEO John Donovan. Our valued customers include brands like Intuit, Porsche, Adobe, and Dropbox and we have been recognized as a startup to watch by Business Insider, Forbes, and Gartner to name a few. We have huge ambitions and are looking for stellar candidates who have an entrepreneurial mindset and are excited to use cutting-edge AI to solve real-world business problems. Cresta is seeking a passionate individual with solid security engineering experience to support the security & compliance team and enable growing global data protection and cybersecurity efforts. 

Responsibilities:

  • Lead and manage all customer-facing security conversations, partnering cross-functionally to ensure timely resolution of issues and seamless execution of the security review lifecycle within sales deals.
  • Perform risk assessments to identify gaps, come up with recommendations, and drive the gaps to remediation.
  • Streamline and lead SOC 2 Type II, ISO 27001/27701/42001, PCI-DSS, TISAX, HIPAA, and FedRAMP audit processes.
  • Perform internal audits and keep the necessary documentation updated as required for audits.
  • Perform risk assessments to identify gaps, come up with recommendations, and drive the gaps to remediation.
  • Streamline and lead SOC 2 Type II, ISO 27001/27701/42001, PCI-DSS, TISAX, HIPAA and FedRAMP audit processes.
  • Perform internal audits and keep the necessary documentation updated as required for audits.
  • Perform gap assessments against new regions and target industry markets to comply with compliance regulations as the company expands.
  • Conduct new-hire and annual security awareness training to educate personnel and re-iterate security and compliance requirements.
  • Oversee and continuously improve the vendor risk management framework, ensuring effective identification, assessment, and mitigation of third-party risks.
  • Establish metrics to track compliance program effectiveness and to report risk.
  • Interface with both technical (Engineering/Product) and non-technical (Sales/Marketing/Customer Success) teams.
  • Respond to customer RFIs, questions, audits and technical documentation requests.
  • Help build our common control framework and drive adoption of the framework within the organization.
  • Build and automate processes to achieve continuous compliance over the technology control environment.
  • Assist with sales and marketing materials representing product security and compliance.
Qualifications We Value:
  • 4+ years of experience in security governance, IT audit, or security compliance management
  • 3+ years of program management, with experience in affecting technology decisions
  • End-to-end experience going through SOC 2 Type II, HITRUST, HIPAA, TISAX, ISO 27001/27701/42001, FedRAMP, and PCI-DSS external audits
  • Experience in a hands-on technical role, with basic understanding of software implementation and integration
  • Experience with cloud environments on AWS, GCP, Azure
  • A track record of building relationships and credibility with business leads, external partners, and regulators through collaborative and independent programs
  • Experience managing competing efforts and requirements
  • Experience with fast-growing cloud native SaaS start-ups
  • Bonus: Experience with building GRC engineering tooling
  • Bonus: Experience with AI security frameworks such as AIUC

Perks & Benefits:

We offer a comprehensive and people-first benefits package to support you at work and in life:

  • Comprehensive medical, dental, and vision coverage with plans to fit you and your family
  • Flexible PTO to take the time you need, when you need it
  • Paid parental leave for all new parents welcoming a new child
  • Retirement savings plan to help you plan for the future
  • Remote work setup budget to help you create a productive home office
  • Monthly wellness and communication stipend to keep you connected and balanced
  • In-office meal program and commuter benefits provided for onsite employees

Compensation at Cresta 

Cresta’s approach to compensation is simple: recognize impact, reward excellence, and invest in our people. We offer competitive, location-based pay that reflects the market and what each individual brings to the table.

The posted base salary range represents what we expect to pay for this role in a given location. Final offers are shaped by factors like experience, skills, education, and geography. In addition to base pay, total compensation includes equity and a comprehensive benefits package for you and your family.

Salary Range: $160,000 – $180,000 + Offers Equity

We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Cresta recruiting email communications will always come from the @cresta.ai domain. Any outreach claiming to be from Cresta via other sources should be ignored.  If you are uncertain whether you have been contacted by an official Cresta employee, reach out to [email protected]

Similar Jobs

2 Days Ago
Remote
United States
160K-200K Annually
Senior level
160K-200K Annually
Senior level
Software • Defense
Manage and maintain RMF authorizations and audit evidence (SSPs, SARs, POA&Ms, STIGs), embed compliance into engineering and CI/CD, coordinate internal assessments and external audits (FedRAMP High, CMMC 2.0, SOC 2), run risk and vendor reviews, and automate continuous control testing across federal and commercial environments.
Top Skills: Cmmc 2.0Dod Cloud Computing SrgEmassFedrampGrc PlatformsIso 27001Nist RmfNist Sp 800-171Poa&MSarSoc 2SspStigs
9 Days Ago
In-Office or Remote
88K-130K Annually
Senior level
88K-130K Annually
Senior level
Aerospace • Artificial Intelligence • Machine Learning • Robotics • Software
Develop, document, and maintain policies, procedures, and processes to ensure FAR/DFARS compliance across government contracting business systems. Support DCAA/DCMA audits, perform gap analyses, track remediation, and partner with Finance, Contracts, Supply Chain, and Program teams to maintain internal controls and audit readiness.
Top Skills: Deltek CostpointOracleSAP
2 Days Ago
In-Office or Remote
125K-125K Annually
Senior level
125K-125K Annually
Senior level
Other • Social Impact
Provide high-level research security and compliance expertise: monitor and interpret federal and sponsor requirements, develop policy and guidance, facilitate compliance for export controls and conflicts of interest, review international activities and travel disclosures, deliver training and outreach, advise stakeholders, and manage sponsored-project compliance activities and related program work.

What you need to know about the Seattle Tech Scene

Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.

Key Facts About Seattle Tech

  • Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Amazon, Microsoft, Meta, Google
  • Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Madrona, Fuse, Tola, Maveron
  • Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account