[Remote] GRC AI Subject Matter Expert, Product at Vanta

United States

Compensation: $163,000 – $192,000
Experience Level: Expert & Leadership (9+ years), Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Technology, Security, Compliance

Requirements

  • 5-7+ years of GRC or InfoSec experience across frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, or NIST
  • 1-3 years applying that expertise to AI-assisted workflows - building evaluation sets, reviewing AI outputs, or helping ship AI features
  • Strong understanding of evidence, controls, and compliance workflows (TPRM, risk, policy, customer trust)
  • Skilled at writing clear instructions and evaluation guides others can follow consistently
  • Comfortable working with structured data (Sheets, logs, exports) and translating GRC artifacts into usable AI context
  • Curious, methodical, and motivated to build systems that make AI both smarter and safer
  • Certifications like CISA, CISSP, CCSK, or CIPM/CIPT are a plus

Responsibilities

  • Design and test prompts: Work with engineers and PMs to shape AI behavior, define edge cases, and review outputs for accuracy and usefulness
  • Own the ground truth: Build and maintain the “truth layer” — datasets and rating guides that represent correct, real-world GRC answers
  • Evaluate and improve quality: Run side-by-side reviews, define launch-readiness criteria, and measure ongoing quality and drift after release
  • Ensure responsible AI use: Help design AI systems that respect privacy, minimize hallucinations, and produce explainable, auditable results
  • Document and teach: Write clear guides, checklists, and examples others can reuse; host short training sessions to raise the bar for AI quality across teams
  • Collaborate widely: Partner with Product, Eng, and GTM teams to connect AI improvements directly to customer trust and business impact

Skills

Key technologies and capabilities for this role

GRC, AI, Prompt Engineering, Compliance Frameworks, Third-Party Risk, Risk Management, AI Evaluation, Responsible AI, Privacy, Data Annotation, Quality Assurance

Questions & Answers

Common questions about this position

What is the salary range for the GRC AI Subject Matter Expert role?

The salary range is $163K - $192K.

Is this position remote?

Yes, the position is fully remote.

What experience is required for this role?

Candidates need 5-7+ years of GRC or InfoSec experience across frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, or NIST, plus 1-3 years applying that expertise to AI-assisted workflows. A strong understanding of evidence, controls, and compliance workflows (TPRM, risk, policy, customer trust) is also required.

What benefits does Vanta offer?

Vanta provides industry-competitive compensation, 100% covered medical, dental, and vision benefits with dependents coverage, and 16 weeks fully-paid parental leave for all new parents.

What makes a candidate successful for this GRC AI SME role?

Success requires being skilled at writing clear instructions and evaluation guides, comfortable working with structured data, and having a curious, methodical mindset motivated to build safer AI systems. Certifications like CISA, CISSP, CCSK, or CIPM/CIPT are a plus.

Vanta

Automates SOC 2 compliance for businesses

About Vanta

Vanta simplifies the process of obtaining and maintaining SOC 2 certification, which is essential for organizations that manage sensitive customer data. The company offers a software-as-a-service (SaaS) platform that automates numerous checks to ensure that security controls are effective and compliant with industry standards. This automation helps small to medium-sized enterprises (SMEs) and tech companies monitor risks and vulnerabilities continuously, significantly reducing the time and cost associated with achieving SOC 2 compliance. Vanta's subscription-based model provides clients with a more efficient and cost-effective way to maintain compliance compared to traditional methods. The goal of Vanta is to transform the compliance process, allowing organizations to focus on their core operations while enhancing their security posture.

Headquarters: San Francisco, California
Year Founded: 2018
Total Funding: $343.4M
Company Stage: Series C
Industries: Enterprise Software, Cybersecurity
Employees: 501-1,000

Benefits

100% Benefits Coverage
Flexible & Remote Work
Paid Parental Leave
Unlimited PTO
Health & Wellness
401(k)

Risks

Emerging competitors like ComplyCube could challenge Vanta's market position.
Healthcare data breaches may increase demand for more robust security measures.
Reliance on partnerships like HITRUST poses risks if standards evolve significantly.

Differentiation

Vanta automates up to 90% of audit preparation, reducing compliance costs significantly.
The platform offers real-time insights, enhancing trust and streamlining security reviews.
Vanta's HITRUST e1 solution automates 80% of requirements, ensuring continuous compliance.

Upsides

Vanta secured $150M in Series C funding, boosting its growth potential.
Partnership with HITRUST enhances Vanta's credibility in the healthcare sector.
Rising demand for automated compliance solutions supports Vanta's market expansion.
