Vanta

Security Compliance Automation — Trust Management for Modern Companies

The consensus on Vanta: Pays extremely well and owns its market niche, but the meeting-heavy culture and low WLB score (3.3/5) signal this is not for anyone seeking balance.

2018
Founded
San Francisco
Headquarters
~1,400
Employees
$2.45B
Valuation
Free Work at Vanta? Claim this profile
Update your company's culture data, respond to reviews, and feature your open roles prominently.
Free Work at Vanta? Claim this profile
Update your company's culture data, respond to reviews, and feature your open roles prominently.
Culture Overview

What it's really like to work at Vanta

Vanta is the category leader in security compliance automation, helping companies get SOC 2, ISO 27001, and HIPAA certified faster. The compensation is strong (rated 4.3/5 — best category) and the product is market-defining. However, the culture is meeting-heavy with work frequently spilling into nights and weekends. Sales targets are widely considered unrealistic, with virtually no AEs hitting quota. The WLB score of 3.3/5 is one of the lowest in our database.

Product Impact Ship Fast Equity
Glassdoor Ratings

Vanta Glassdoor Ratings & Employee Reviews

3.8
Overall Glassdoor Score
Based on employee reviews
Culture & Values3.9
Compensation & Benefits4.3
Senior Management3.6
Career Opportunities3.6
Work-Life Balance3.3
Overall Rating3.8
76% Recommend to a Friend
80% CEO Approval (Christina Cacioppo)
Employee Review Themes

Working at Vanta: Pros & Cons

What employees love

  • Strong compensation rated 4.3/5 — best category score
  • Market-defining product in security compliance automation
  • Category leader with strong product-market fit and growth

What could be better

  • Brutal meeting culture pushing work into nights and weekends
  • Virtually no AEs hit quota — targets unrealistically high
  • WLB score of 3.3/5 is among the lowest in the industry
Open Positions

Join the Vanta team

... open positions.

Community Sentiment

What the community says about Vanta

Mostly Negative 5 mentions from Hacker News & Reddit · Updated 2026-03-30
“I am, CMMC 2.0 requires and is essentially satisfied by FedRAMP Moderate, and NIST 800-171 is a subset of FedRAMP. Notably both CMMC and FedRAMP were met with immense criticism from industry which was mostly ignored.”
Hacker News cuuupid · 2026-03-19 View thread →
“Location: Europe Remote:Yes Willing to relocate: no Technologies: Vue, React, Next.js, Tailwind, Node.js, Django, PostgreSQL, Prisma, Redis, Celery, FFmpeg, HLS.”
Hacker News athosblade · 2025-12-02 View thread →
“Location: Europe Remote:Yes Willing to relocate: noTechnologies:Vue, React, Next.js, Tailwind, Node.js, Django, PostgreSQL, Prisma, Redis, Celery, FFmpeg, HLS.”
Hacker News athosblade · 2025-11-04 View thread →
“Location: Europe Remote:YesWilling to relocate: noTechnologies:Vue, React, Next.js, Tailwind, Node.js, Django, PostgreSQL, Prisma, Redis, Celery, FFmpeg, HLS.”
Hacker News athosblade · 2025-09-02 View thread →

Sentiment data refreshed daily from public Hacker News and Reddit discussions. See all company profiles →

🏢

Claim Vanta

Take ownership of your company's culture profile.

We'll respond within 24 hours. No spam, ever.

Request received!

We'll review your request and get back to you within 24 hours.

🏢

Claim Vanta

Take ownership of your company's culture profile. Update your data, respond to community sentiment, and feature your open roles to candidates who care about culture.

We'll respond within 24 hours. No spam, ever.

Request received!

We'll review your request and get back to you within 24 hours at the email you provided.