Security Compliance Analyst (AI)

TL;DR

Security Compliance Analyst (AI): Building, operating, and scaling security compliance and customer trust programs with an accent on responding to customer security reviews, managing audits, assessing vendors, and automating compliance. Focus on shaping responses to questionnaires, supporting SOC 2 and ISO 27001 programs, improving GRC automation, and integrating compliance into system design.

Location: We are looking to hire inperson in SF or NY.

Salary: $150,000–$185,000 USD

Company

hirify.global provides an agent engineering platform and open-source frameworks to help developers build and ship reliable intelligent agents fast.

What you will do

• Build, maintain, and continuously improve responses to customer security questionnaires, RFPs, and trust reviews.
• Support the design, execution, and ongoing operation of SOC 2 and ISO 27001 compliance programs.
• Configure, operate, and improve GRC automation using tools like Vanta.
• Assist with the implementation of new security and privacy frameworks, including GDPR and CCPA.
• Work with Engineering, IT, and Security to make compliance a natural part of system design.
• Support the development and operation of a third-party risk management process.

Requirements

• 3+ years of professional experience in security compliance, GRC, risk management, privacy operations, or a closely related role.
• Experience in a high-growth startup environment or a consulting/audit environment.
• Hands-on experience supporting or performing audits for SOC 2 and/or ISO 27001.
• Experience responding to customer security questionnaires, due-diligence requests, or trust reviews.
• Familiarity with GRC platforms such as Vanta, Drata, Secureframe, or AuditBoard, with an interest in automation-first compliance.
• Working understanding of cloud environments (AWS, GCP, or Azure) and exposure to privacy requirements such as GDPR, CCPA.

Nice to have

• Experience implementing or expanding new compliance or privacy frameworks beyond SOC 2.
• Experience improving GRC workflows through automation, APIs, or tooling integrations.
• Prior experience in a SaaS, cloud-native, developer-focused, or AI/ML-driven company.
• Familiarity with NIST CSF, CIS Controls, HIPAA, or Data Privacy Framework concepts.
• Relevant certifications such as CISA, CISSP, or ISO 27001 Foundation/Implementer.

Culture & Benefits

• Competitive compensation including base salary, meaningful equity, and benefits.
• Health and dental coverage.
• Flexible vacation.
• 401(k) plan and life insurance.
• Locally competitive benefits aligned with regional norms and regulations for EU and UK team members.