Senior Staff Compliance Manager

About Zscaler

Serving thousands of enterprise customers around the world including 45% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital transformation so enterprises can be more agile, efficient, resilient, and secure. The pioneering, AI-powered Zscaler Zero Trust Exchange™ platform, which is found in our SASE and SSE offerings, protects thousands of enterprise customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.

Named a Best Workplace in Technology by Fortune and others, Zscaler fosters an inclusive and supportive culture that is home to some of the brightest minds in the industry. If you thrive in an environment that is fast-paced and collaborative, and you are passionate about building and innovating for the greater good, come make your next move with Zscaler.

Responsibilities:

We are seeking a Senior Staff Compliance Program Manager, GRC who brings a strong technical foundation, leveraging AI-driven solutions to streamline governance, risk, and compliance processes, enabling greater efficiency, accuracy, and adaptability. This is a highly impactful, hands-on leadership role for an independent thinker who is passionate about solving complex technical problems with a compliance lens. If you thrive on understanding how systems are built, integrating AI architectures, reimagining workflows, optimizing policy management, and ensuring compliance data integrity, then this role is for you.

This role reports into the Director of Information Security Compliance. This is a hybrid role reporting into the San Jose, CA office 3 days a week. In this position, you will:

• Design AI powered agents to enhance compliance tasks, including audit preparation, evidence collection, risk assessments, and control testing, while integrating autonomous and human-in-the-loop workflows for ongoing monitoring and remediation.
• Redefine traditional GRC processes with intelligent automation and develop agent-based workflows that integrate seamlessly with systems such as GRC platforms, cloud services, and ticketing tools.
• Build Natural Language Processing (NLP) enabled mechanisms to continuously analyze and update policies and regulatory mappings while delivering proactive compliance alerts for changes in policies, obligations, or controls.
• Collaborate with data engineering teams to design compliance data models that power AI/ML-driven risk analytics and dashboards, ensuring all training data adheres to privacy, governance, and security requirements.
• Mentor junior resources to foster a culture of innovation and problem-solving, encouraging creative approaches to overcoming challenges and emphasizing possibilities over limitations in compliance.

What We're Looking for (Minimum Qualifications):

• Experience with AI/ML architecture and platforms, technical program management, or GRC engineering, with direct responsibility for driving compliance, risk mitigation, and data protection strategies.
• Proven ability to develop automated workflows and processes via AI/ML platforms, orchestration tools, or intelligent automation workflows (LangChain, Rego, LLM APIs, GRC tools, etc.), with the goal of streamlining audit preparation, risk assessments, and control testing, integrating compliance-related checks into CI/CD pipelines.
• The ability to think outside of the box as it relates to traditional compliance, transitioning from manual, screenshot-based documentation to automated, machine-readable compliance evidence by designing systems and workflows that generate structured data outputs, enabling integration with audit processes and regulatory reporting tools.
• Demonstrated success in transforming traditional processes through intelligent automation and AI solutions, driving efficiency while maintaining regulatory fidelity.
• Strong background in partnering with engineering, legal, and compliance teams to build and operationalize automated solutions that balance innovation, accuracy, and governance requirements.

What Will Make You Stand Out (Preferred Qualifications):

• Proven experience in designing systems that facilitate audit processes, policy lifecycle management, or risk assessment strategies. Knowledge of AI governance frameworks and principles of model risk management preferred.
• Advanced Cloud Data Governance Design Expertise in understanding complex cloud data flows and designing technical enforcement mechanisms for data governance across cloud platforms.
• Comprehensive Standards Knowledge Familiarity with key security and compliance frameworks (e.g., ISO 27001, SOC 2, ISO 27701, GDPR, FedRAMP, 20x) and experience translating these standards into technical requirements and sustainable implementations.

#LI-BH1

#LI-Remote