Risk and Compliance Specialist

About Sama:

Sama is the leading training data provider for Fortune 2000 companies such as Google, Walmart, Ford, Microsoft, and Marriott. We help these organizations get their machine learning models to production more quickly by providing accurate annotation and validation for their datasets.

80% of AI project time is spent on aggregating, cleaning, and labeling data for machine learning models Sama drives the very important task of data annotation from companies building state-of-the-art AI. 

Sama offers the highest quality SLAs in the industry, along with cutting-edge ML-assisted annotation tools, QA processes, and security and compliance standards. 

Sama has a social mission driven by the belief that “talent is equally distributed but opportunity is not.” As a certified B corp, Sama supports an ethical supply chain, and our impact was validated by MIT with a randomized control study. 

Sama has provided worker training programs to increase economic opportunity for more than 13,000 people from underserved communities. By connecting our customers with amazing talent in East Africa, we've impacted more than 59,000 workers and their dependents.

• Featured in Forbes: How Ethical Is Your AI?
• Sama Honored on Inc. Magazine’s Annual List of America’s Fastest-Growing Private Companies — the Inc. 5000

About the Job:

The Compliance Specialist is responsible for advocating and monitoring compliance through controls, policies, standards, and procedures. In this role, you will be working with the Risk and Compliance Lead in the Global Service Delivery and Trust teams to achieve and maintain government, and other regulatory framework requirements such as GDPR, TISAX & CCPA and industry certifications (namely but not limited to SOC2, ISO 27001, ISO 9001, ISO 22301).
You will also be responsible for driving our current compliance efforts, managing the external & internal audit plans, updating existing controls, assisting in maintaining certifications and participating in the mapping of future certifications.

Key Responsibilities: 

• Participate in the review of compliance and audit-related matters. Auditing existing security systems, processes and protocols and developing corrective actions/plans to fix identified gaps
• Support and evaluate the performance of a team of auditors within the Compliance unit or the organization.
• Work with all business functions to understand the security risks and compliance requirements, develop and maintain the security & compliance roadmap & strategy
• Develop and maintain compliance & security documentation, policies, guidelines, frameworks, standards, and procedures.
• Communicate policies and procedures to stakeholders inside the company.
• Support in the implementation of compliance & security standards, regulations, and best practices for the organization namely but not limited to SOC2, ISO 27001, CCPA, and GDPR.
• Support global compliance & security awareness strategy and programs fostering a culture where compliance & security is everyone’s responsibility.
• Work with the Risk and Compliance Lead and head of departments about SOC, CCPA & GDPR compliance program and their assigned controls and recommend improvements to teams for their assigned controls.
• Ensure compliance with critical controls on a regular basis.
• Participate in audits by external and internal auditors. This could be audited for client requirements, ISO standards, and any other applicable audit requirements.
• Assist with the facilitation of certifications which include, but are not limited to, ISO 9001, BCP, and ISO 27001.
• Play a key role in partnering with Sales and Customer Success teams to close business and ensure customers understand our security posture.
• Respond to requests in a timely manner from the Risk and Compliance Lead to meet service level agreement commitments for responding to customer and prospect requests.
• Identifying gaps with controls assigned to Sama teams.
• Assist in determining whether supplied artefact (s) by teams meets SOC, CCPA, ISO, GDPR & client SOW requirements.
• Support the Risk and Compliance Lead in writing Section III of the SOC2 report where necessary.
• Support Enterprise Risk Management processes and framework adherence across Global Service Delivery teams.

Minimum Qualifications: 

• Bachelor’s Degree in finance or business-related field.
• 2-3 years of experience in a compliance role and or security auditing role.
• Knowledge of laws, legal codes, procedures, and other relevant regulatory standards.
• Strong analytical, investigative and critical thinking skills.
• Documenting and reporting skills.

Good To Have:

• Certification as ISO auditor for ISO 9001, ISO 27001 & ISO 22301.
• Certification in risk & compliance management is an added advantage.
• Projects involving coordinated efforts across large cross-functional teams.
• Previous experience with CCPA & GDPR.
• Interest and desire to obtain CISSP, CISA, or other globally recognized security, compliance, or audit certifications.
• Previous experience as an Auditor

Our Culture:

Sama is quite unique. We are a technology company with a social mission. People that thrive in a high-growth environment, love working on the bleeding edge of technology, and really care about having a positive impact on the world are a great fit for the Sama culture. Our core values are One Team, One Goal - Deliver. Period. - Trust & Transparency - Customer First - Humanity.

Our Benefits:

Sama offers competitive compensation commensurate with experience and a full benefits package, including: medical, dental, and vision insurance, long-term disability insurance, life, and AD&D insurance, employer-matching Group RRSP, generous holiday and vacation policies, sabbaticals, a monthly fitness stipend, and professional development opportunities.

At Sama, we pride ourselves in being a diverse and equal opportunity employer.