×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security Information Security

Security Compliance Analyst

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Langchain
Full Time position
Listed on 2026-01-15
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Information Security
Job Description & How to Apply Below

About Lang Chain

At Lang Chain, our mission is to make intelligent agents ubiquitous. We provide the agent engineering platform and open source frameworks developers need to ship reliable agents fast.

Our open source frameworks, Lang Chain and Lang Graph, see over 90+ million downloads per month and help developers build agents with speed and granular control. Lang Smith offers observability, evaluation, and deployment for rapid iteration, enabling teams to transform LLM systems into dependable production experiences.

Lang Chain is trusted by millions of developers worldwide and powers AI teams at companies like Replit, Clay, Cloudflare, Harvey, Rippling, Vanta, Workday, and more.

About the role

Lang Chain is hiring a Security Compliance Analyst to help build, operate, and scale our security compliance and customer trust programs. We are looking to hire in person in SF or NY.

This role is highly hands-on and execution-focused. You will work across Security, Engineering, IT, Legal, People, and Product to turn security requirements into real, operating controls. You’ll help shape how we respond to customer security reviews, manage audits, assess vendors, and automate compliance using modern GRC tooling such as Vanta.

This role is well-suited for someone who enjoys building processes, working through ambiguity, and collaborating closely with a wide range of stakeholders to get things done.

  • Build, maintain, and continuously improve responses to customer security questionnaires
    , RFPs, and trust reviews in partnership with Security, Engineering, Legal, and Product teams.
  • Support the design, execution, and ongoing operation of SOC 2 and ISO 27001 compliance programs, including evidence collection, remediation tracking, and audit coordination.
  • Configure, operate, and improve GRC automation using tools like Vanta
    , focusing on continuous evidence collection and minimizing manual compliance work.
  • Assist with the implementation of new security and privacy frameworks
    , including scoping requirements, mapping controls, and helping operationalize them across the organization.
  • Support privacy compliance efforts (e.g.,
    GDPR, CCPA
    ) by maintaining documentation, tracking requirements, and partnering with Legal and Engineering on operational controls.
  • Work with Engineering, IT, and Security to make compliance a natural part of system design and operation
    , rather than a separate or manual process.
  • Identify control and evidence gaps and actively drive follow-ups with responsible teams to resolution.
  • Support the development and operation of a third-party risk management process, including vendor intake, security assessments, and ongoing reviews.
  • Partner with Legal, IT, Procurement, and Product during vendor onboarding and renewals to ensure security requirements are clearly understood and met.
  • Help draft, maintain, and evolve security policies, standards, and procedures so they are practical, clear, and aligned with how teams actually work.
  • Assist with tracking security and compliance risks in a centralized risk register and supporting remediation efforts.
  • Contribute to building repeatable, scalable processes that improve audit readiness and customer trust as Lang Chain grows.
How to be successful in this role
  • 3+ years of professional experience in security compliance, GRC, risk management, privacy operations, or a closely related role.
  • Experience in either:
    • a high-growth startup environment
      , or
    • a consulting, audit, or assurance environment (e.g., Big
      4), with exposure to multiple clients, systems, or stakeholders.
  • Hands-on experience supporting or performing audits for SOC 2 and/or ISO 27001
    , including evidence review, control validation, and remediation tracking.
  • Experience responding to customer security questionnaires
    , due-diligence requests, or trust reviews.
  • Familiarity with GRC platforms such as Vanta, Drata, Secureframe, or Audit Board
    , with an interest in automation-first compliance.
  • Working understanding of cloud environments (AWS, GCP, or Azure), including access controls, encryption, and logging concepts.
  • Exposure to privacy requirements such as GDPR, CCPA
    , or similar regulations, and experience supporting privacy-related…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search