Compliance Analyst, US Compliance Programs

Spellbook (LegalTech / SaaS)
Remote - US | Full-Time | Middle
Salary: 144,000 - 180,000 USD per year

Job Details

Required Skills
Risk Management, HIPAA

Requirements

  • Experience in compliance, security assurance, GRC, audit, risk management, privacy, or a related function.
  • Familiarity with security and compliance frameworks such as SOC 2, ISO 27001, NIST 800-53, NIST CSF, HIPAA, FedRAMP, TX-RAMP, or GovRAMP.
  • Hands-on experience collecting audit evidence, maintaining control documentation, tracking remediation, and supporting internal or external assessments.
  • Experience using compliance automation or GRC platforms such as Vanta, Linear, or similar tools.
  • Strong ability to read framework requirements, customer obligations, and regulatory guidance and convert them into actionable project plans.
  • Experience partnering with technical teams to understand systems, access controls, data flows, infrastructure, cloud environments, and security control implementation.
  • Excellent written and verbal communication skills.
  • Highly organized and comfortable managing multiple compliance workstreams, deadlines, audits, and stakeholder dependencies.
  • Pragmatic at distinguishing high-priority compliance risks from lower-impact administrative issues.

Responsibilities

  • Implement and maintain US compliance program initiatives across government, healthcare, financial services, and enterprise SaaS customer requirements.
  • Drive readiness, implementation, and ongoing maintenance for frameworks such as TX-RAMP, GovRAMP, FedRAMP, HIPAA, SOC 2, and other security or privacy compliance obligations.
  • Manage compliance operations in platforms like Vanta — evidence collection, control monitoring, policy tracking, vendor documentation, employee compliance tasks, and audit-readiness workflows.
  • Coordinate with external auditors, assessors, consultants, legal advisors, and certification bodies through every phase of an engagement.
  • Lead government compliance initiatives, including control mapping, gap assessments, documentation packages, system descriptions, policy updates, and customer-facing compliance responses.
  • Maintain compliance artifacts including policies, procedures, risk registers, control narratives, system inventories, access reviews, training records, and audit evidence.
  • Track regulatory, framework, and customer requirement changes and translate them into practical updates to internal controls and workflows.
  • Partner with Sales and Customer Success on security questionnaires, public sector procurement requirements, and regulated customer due diligence.
  • Define repeatable compliance workflows for intake, triage, ownership, escalation, documentation, reporting, and remediation.
  • Use AI, automation, and compliance tooling to reduce manual work, improve evidence quality, and accelerate program execution.