# Compliance Analyst

**Company:** [Harvey](https://hotfix.jobs/companies/harvey)
**Location:** San Francisco, CA
**Role:** Security Engineering
**Salary:** $99k – $149k/yr
**Experience:** 3+ years
**Skills:** Information Security Compliance, Government Compliance Frameworks, SaaS, Cloud Environments, Compliance Automation Tooling
**Posted:** 2026-06-03

> This Compliance Analyst role at Harvey involves owning and maintaining compliance documentation, coordinating evidence collection, and supporting third-party assessments. The role requires hands-on compliance work, close collaboration with Engineering and Security teams, and a detail-oriented approach to ensure program health and continuous monitoring.

## Job Description

## What You'll Do
* Own and maintain core compliance documentation — including compliance packages and security assessment reports — keeping them accurate and audit-ready
* Coordinate evidence collection across Engineering, Infrastructure, and Security for regulated assessments
* Support third-party assessor engagements end-to-end: scheduling, preparing teams, triaging findings, and drafting responses
* Conduct gap analyses against applicable frameworks and produce remediation tracking artifacts teams can act on directly
* Manage continuous monitoring activities including control reviews, change notifications, and incident documentation to maintain compliance status
* Partner with Engineering and Security to validate control implementations and translate regulatory language into testable technical configurations

## What You Have
* 3–5+ years in information security compliance with hands-on exposure to government and industry frameworks in a SaaS or cloud environment
* Solid working knowledge of applicable government compliance frameworks; ability to map controls to technical implementations and evaluate evidence quality
* Experience maintaining compliance documentation and tracking remediation activities; familiarity with compliance automation tooling
* Exceptional attention to detail — able to manage multiple concurrent workstreams and keep documentation aligned with a dynamic cloud environment
* Clear communicator: able to write crisp control implementation statements and explain compliance requirements to engineering audiences

## Compensation
$99,200 - $148,800

## Similar roles

- [Application Security Engineer](https://hotfix.jobs/jobs/d240253e-6098-4419-8f04-aaf793f42c03) - Zocdoc - Remote - $100k – $140k/yr
- [Security Engineer, Application Security](https://hotfix.jobs/jobs/18d79ceb-6c9b-4ecf-819a-fcd37324835f) - Trail of Bits - Remote - $100k – $200k/yr
- [Security Engineer (Security Operations, Zero Trust)](https://hotfix.jobs/jobs/70b32aeb-7b41-4578-8a52-7a1a46564864) - BlackCloak - Remote - $100k – $140k/yr
- [GRC Program Manager](https://hotfix.jobs/jobs/5b121fcc-25d9-471c-a57f-273f2ea2942b) - Astra - Remote - $95k – $135k/yr
- [Security Engineer II](https://hotfix.jobs/jobs/84d69823-ea1b-4385-93ad-d6700771519c) - Metropolis - Los Angeles, CA - $105k – $150k/yr

**Apply:** https://hotfix.jobs/jobs/b1657e99-edcc-41eb-b820-8b3e05df4e67
**Canonical:** https://hotfix.jobs/jobs/b1657e99-edcc-41eb-b820-8b3e05df4e67