About Cartesia
Join Cartesia in building the next generation of AI: ubiquitous, interactive intelligence that goes beyond the limitations of today's models. We're tackling the challenge of processing and reasoning over massive streams of data (1B text tokens, 10B audio tokens, and 1T video tokens) in real time, even on-device.
We're pioneers in model architectures, with our founding team originating from the Stanford AI Lab, where they invented State Space Models (SSMs), a groundbreaking primitive for training efficient, large-scale foundation models. Our team blends deep expertise in model innovation and systems engineering with a design-centric product engineering approach to deliver cutting-edge models and experiences.
Backed by leading investors like Index Ventures and Lightspeed Venture Partners, as well as Factory, Conviction, A Star, General Catalyst, SV Angel, Databricks, and a network of 90+ angel investors and advisors, we're poised to revolutionize the AI landscape.
Security Compliance Engineer - Secure the Future of AI
Are you a security-focused engineer passionate about building secure and compliant systems? Cartesia is seeking a Security Compliance Engineer with DevOps and Cloud experience to fortify our engineering team. In this role, you'll be at the forefront of our security efforts, bridging the gap between security, compliance, and DevSecOps to ensure our infrastructure is both secure and efficiently managed.
As a crucial member of our Information Security group, you will maintain and enhance our existing compliance programs, driving security excellence throughout our organization. This role offers a unique blend of hands-on technical work and deep compliance expertise, fostering customer trust as we scale our innovative AI solutions.
What You'll Do:
Design, implement, and collaborate with engineering teams to operate security tools and programs, including access control & workflows, vulnerability management, and detection/response systems.
Implement and configure security tools, rapidly learning new security technologies in cloud infrastructure and product security.
Maintain SOC 2 Type II, HIPAA, GDPR, ISO 27001, and PCI DSS compliance programs, including managing annual audits and remediation efforts.
Partner with the business operations team to conduct security assessments of vendors and complete customer security questionnaires.
Develop and maintain comprehensive security policies, procedures, and incident response protocols.
Lead cross-functional security initiatives, including access management, vulnerability remediation, and security training programs.
Create insightful dashboards and reports to monitor security metrics and compliance status.
What You'll Bring:
4+ years of hands-on security and compliance experience in B2B SaaS environments.
A proven track record of collaborating with engineering teams on security architecture and controls.
Exceptional communication skills to effectively interact with both technical and business stakeholders.
Experience building or maintaining compliance programs from the ground up.
The ability to thrive and execute effectively in a fast-paced startup environment.
Nice-to-Haves:
Early-stage startup experience (Series A-C preferred).
Relevant security certifications (CISSP, CISA, or equivalent).
Experience with GRC tools (Vanta, Drata, OneTrust).
Strong knowledge of cloud security (AWS, GCP, Azure).
A solid understanding of DevSecOps practices and security automation.
Our Culture:
We're an in-person team based out of San Francisco, believing in the power of collaboration and daily learning.
We ship fast, embracing the novel and cutting-edge nature of our work. Execution speed is paramount, without compromising quality and design.
We support each other with an open and inclusive culture, providing the resources everyone needs to succeed.
Our Perks:
Lunch, dinner, and snacks provided at the office.
Fully covered medical, dental, and vision insurance for employees.
401(k) plan.
Relocation and immigration support.
Your own personal Yoshi.