Build and scale LangChain's privacy compliance program across SOC 2, ISO 27001, GDPR, CCPA, and HIPAA. Partner with engineering and legal to embed controls, manage audits, and support enterprise sales.
175k – 220k
On-site5+ YOESecurity Engineering
About the role
What you'll do
Build and automate our compliance operations layer, including evidence pipelines, control monitoring, and agentic systems for always-on visibility into our compliance posture.
Work directly with Engineering to embed security and privacy controls into our products, including deletion pipelines, PII detection, access audit logging, and fine-grained data access controls.
Maintain and scale our certification and audit programs across SOC 2, ISO 27001, ISO 27701, ISO 42001, HIPAA, GDPR, CCPA, EU-US Data Privacy Framework, and others. Drive audit readiness, identify overlapping requirements, and reuse evidence across frameworks to continuously strengthen our security story.
Partner with Legal on security and privacy contract execution, covering DPAs, BAAs, security addenda, and vendor terms. Build the templates, playbooks, and review processes that enable fast, reliable execution in regulated verticals and unblock enterprise sales.
Monitor adherence to security and privacy contractual obligations across all signed agreements, building the operational workflows and tracking mechanisms to stay on top of commitments as our customer base grows.
Contribute to LangChain's customer trust program — security questionnaire responses, due-diligence reviews, and the trust documentation and whitepapers that give regulated-industry customers confidence in our security posture.
Support vendor privacy risk assessments during onboarding and renewals.
What you'll bring
5+ years in privacy, GRC, or security compliance, ideally with time at a Big 4 or advisory firm, or in-house at a high-growth tech company.
Hands-on operational experience with privacy regulations and compliance frameworks (GDPR, HIPAA, CCPA, ISO 27001, ISO 27701, SOC 2), including controls mapping, audit support, and day-to-day program operations.
Experience with DPAs and BAAs: reviewing, negotiating, or operationalizing them in a commercial context.
Technical fluency: comfortable reading code, understanding data flows, validating that controls work as described, and collaborating directly with engineering teams.
Exceptional writer. You'll draft policies, respond to security questionnaires, and translate complex requirements into clear guidance for audiences ranging from engineers to executives.
Nice to have
Background in a regulated industry (healthcare, finance, government) or working directly with regulated-industry customers.
Experience working across multi-cloud deployment environments.
Ability to write scripts or code (Python is a strong plus) to automate compliance checks, privacy workflows, or build integrations between security and compliance tooling.
Relevant certifications such as CIPM, CIPP/E, CIPP/US, CISA, CISSP, ISO 27001 Lead Implementer, or ISO 27701 Lead Implementer.
Compensation
Annual salary range: $175,000 - $220,000 USD
Compensation includes base salary, variable compensation for relevant roles, meaningful equity, benefits, and perks.
Benefits include medical, dental, and vision coverage, flexible vacation, a 401(k) plan, meals on in-office days in the US and more.
Product Security Engineer embedding into engineering workflows to conduct architecture reviews, threat modeling, and penetration testing coordination while serving as GCP security SME. Requires 5-7 years experience and strong GCP and Python skills.
175k – 200k
Remote5+ YOESecurity Engineering
Security Engineer
PoeticSan Francisco, CA +1
Owns end-to-end security posture including product security, infrastructure hardening, internal tooling, corporate security, and compliance programs like SOC 2 and PCI. Requires 4+ years experience with engineering background and hands-on builder mindset in fast-paced environments.
175k – 225k
On-site4+ YOESecurity Engineering
Security Engineer, Detection & Response
LiftoffUnited States
Security Engineer focused on operating the SIEM, building AI-augmented detection tooling, triaging alerts, and leading incident response for a high-scale mobile adtech platform.
172k – 240k
Remote5+ YOESecurity Engineering
Endpoint Security Engineer
CrusoeSan Francisco, CA +2
Security Engineer responsible for endpoint security architecture, MDM administration (Jamf, Intune), compliance enforcement, and automation across macOS, Windows, iOS, and Android devices. Requires 3-6 years MDM experience, OSQuery/CrowdStrike expertise, and a security-first mindset.
170k – 205k
On-site3+ YOESecurity Engineering
Software Engineer, Trust & Safety
SunoSan Francisco, CA
Suno is seeking a Software Engineer, Trust & Safety to protect its platform and users from abuse, fraud, and harmful content. This role involves building data pipelines, anomaly detection systems, and internal tools to ensure user safety and platform integrity.