Jobs · Legal · California

Governance, Risk, Compliance & Trust Analyst

Everlaw · Oakland, CA · 2 wk ago
HybridLegal$140k–$178k/yrFull-time

About the role

Independently drive moderately complex trust, compliance, and risk workstreams that help Everlaw scale responsibly and earn customer and regulator trust.

Sit at the intersection of customer trust, compliance operations, audit readiness, risk management, documentation quality, and cross-functional execution.

Translate Everlaw’s security and compliance posture into clear, accurate, audit-ready, and customer-ready outputs.

Operate in a way that reflects Everlaw’s long-term philosophy: act with integrity and discipline, pay attention to detail, improve process over time, set a high bar for quality, and partner with others in an egoless and respectful way.

Responsibilities

  • Support audit readiness across core frameworks such as FedRAMP, SOC 2, and ISO 27001/27017/27018 by organizing evidence, maintaining documentation quality, and partnering with control owners to close gaps.
  • Manage compliance operations that require structured follow-through, including evidence requests, policy and procedure updates, control narrative maintenance, and recurring review cycles.
  • Partner cross-functionally with Security Engineering, DevOps, IT, Legal, People, Procurement, and other stakeholders to gather inputs, validate implementation details, and produce audit-ready or stakeholder-ready outputs.
  • Help maintain strong execution against defined compliance SLAs, milestones, and recurring obligations, escalating risks early and driving issues through resolution.
  • Translate technical, operational, and regulatory topics into clear written deliverables for internal and external audiences, including concise summaries of requirements, risks, tradeoffs, and recommendations.
  • Support internal risk and governance processes, including security impact analyses, change-related compliance reviews, and other structured review workflows as assigned.
  • Contribute to the ongoing operation of the Public Sector Clearance Program, to include guiding new cohorts through the program, maintaining status and tracking open issues, and communicating program updates to Everlaw stakeholders.

Requirements

Strong working knowledge of customer trust, compliance operations, risk, and the evidence and control narratives needed to support questionnaires, reviews, and audits.

Experience supporting FedRAMP, SOC 2, ISO 27001/27017/27018, or similar compliance frameworks.

Experience leading the completion of customer security questionnaires and working within trust portals, evidence repositories, or other GRC tooling software.

Experience using workflow, metrics, or dashboard data to improve trust and compliance operations and to meet defined SLAs.

Can independently research moderately complex questions, synthesize inputs from multiple stakeholders, and produce high-quality written deliverables with a high bar for clarity and accuracy.

Communicate complex topics simply and concisely, tailor communication to the audience, and navigate moderate disagreement while keeping focus on shared outcomes.

Organized and reliable, maintain momentum across planned work and ad hoc requests, and escalate thoughtfully before risks become blockers.

Think beyond the immediate request and consider how current decisions affect future operations, compliance posture, and stakeholder experience.

Comfortable operating in environments with some ambiguity, shifting priorities, and multiple stakeholders.

Sound judgment, professional maturity, and a strong sense of accountability when handling sensitive or high-visibility work.

Similar jobs