Compliance Manager

Anyscale

Legal, Sales & Business Development
San Francisco, CA, USA
Posted on Tuesday, November 28, 2023
About Anyscale:
At Anyscale, we're on a mission to democratize distributed computing and make it accessible to software developers of all skill levels. We’re commercializing Ray, a popular open-source project that's creating an ecosystem of libraries for scalable machine learning. Companies like OpenAI, Uber, Spotify, Instacart, Cruise, and many more, have Ray in their tech stacks to accelerate the progress of AI applications out into the real world.
With Anyscale, we’re building the best place to run Ray, so that any developer or data scientist can scale an ML application from their laptop to the cluster without needing to be a distributed systems expert.
Proud to be backed by Andreessen Horowitz, NEA, and Addition with $250+ million raised to date.
Anyscale is based in San Francisco, CA. Employees are required to come into the office 3x a week.
Anyscale is looking for a Compliance Manager to oversee our compliance framework, particularly for our AI and ML product lines. This strategic role requires a pragmatic, vigilant and insightful professional who will work directly under the General Counsel, in close partnership with the Anyscale security engineering team, to help design and implement best-in-breed security, data protection and privacy practices in our product offerings and corporate environment, while meeting stringent customer, legal and regulatory requirements. A successful Compliance Manager will be instrumental in collaborating cross-functionally to help the organization take smart risks while upholding our commitment to lawful and responsible business practices.

Key Responsibilities:

  • Develop and maintain the company's privacy and security policies, procedures and policy exception process
  • Run quarterly security meetings (e.g., ISMS quarterly meetings under ISO27001) with senior leadership to align and update relevant stakeholders on important security and compliance efforts
  • Work with internal stakeholders to collect and maintain evidence for external auditors performing regulatory (e.g., SOC 2, ISO27001, HIPAA) and customer security and privacy audits
  • Manage the process and relationships with external auditors
  • Serve as a centralized point of knowledge regarding the company’s security, data protection and privacy practices to assist the Anyscale sales organization in customer deals
  • Create self-service resources (e.g., for sales team regarding compliance efforts to reduce friction in the sales process, including maintaining up-to-date answers to common vendor security assessment questionnaires)
  • Cross-functionally partner to manage compliance (both on product and corporate side) with security and privacy standards such as GDPR, CCPA, ISO 27001, ISO 27018, HIPAA, PCI-DSS, and FedRAMP
  • Lead security and privacy risk assessments and manage remediation efforts in collaboration with technical teams
  • Oversee and conduct regular internal audits to ensure ongoing compliance with all relevant standards
  • Maintain current knowledge of applicable federal and state security and privacy laws and accreditation standards
  • Report to the General Counsel on the progress and status of the compliance efforts, challenges, and risk management

Qualifications:

  • Bachelor’s degree in relevant field
  • 5+ years of relevant experience in compliance, with a track record of pragmatic guidance to SaaS companies (ideally within the AI/ML technology industry)
  • Certifications such as CIPP, CISSP, or CISM are preferred
  • In-depth knowledge of ISO/IEC 27001 and SOC 2 Type 2
  • Experience managing full process for ISO27001 certification
  • Experience managing first certification/audit report for ISO27001 or SOC2 Type 2 or significant experience updating both compliance reports after major product or corporate changes
  • Familiarity with one or more of HIPAA, PCI-DSS, or FedRAMP security standards
  • Experience managing GDPR, CCPA or similar privacy compliance efforts
  • Proven ability to develop, implement, and lead a compliance program in a complex business environment
  • Strong leadership capabilities and excellent communication skills, adept at both strategy development and detailed execution
  • Skilled in pragmatic risk analysis, problem-solving, and project management
  • Ability to figure out the most efficient ways to meet compliance requirements while ensuring that security and privacy standards are met
  • Familiarity with technical aspects of AI & ML technologies and the ability to translate regulatory requirements into technical specifications
  • Proficient with compliance software and tools necessary for efficient management of a compliance program

Compensation

  • At Anyscale, we take a market-based approach to compensation. We are data-driven, transparent, and consistent. The target salary for this role is $149,693-$195,624. As the market data changes over time, the target salary for this role may be adjusted.
  • This role is also eligible to participate in Anyscale's Equity and Benefits offerings, including the following:
  • Stock Options
  • Healthcare plans, with premiums covered by Anyscale at 99% for both employees and dependents
  • 401k Retirement Plan
  • Wellness stipend
  • Education stipend
  • Paid Parental Leave
  • Flexible Time Off
  • Commute reimbursement
  • 100% of in-office meals covered
Anyscale Inc. is an Equal Opportunity Employer. Candidates are evaluated without regard to age, race, color, religion, sex, disability, national origin, sexual orientation, veteran status, or any other characteristic protected by federal or state law.
Anyscale Inc. is an E-Verify company, and you may review the Notice of E-Verify Participation and the Right to Work posters in English and Spanish.