CrawlJobs Logo

Governance, Risk, Compliance & Trust Analyst

United States, Oakland Employment contract 140000.00 - 178000.00 USD / Year · Job Posted July 03, 2026
Apply Position
Job Link Share

Job Description

At Everlaw, our mission is to promote justice by illuminating truth. We build technology that helps legal teams find the information they need to achieve their truth-finding goals. As a GRCT Analyst, you will independently drive moderately complex trust, compliance, and risk workstreams that help Everlaw scale responsibly and earn customer and regulator trust over time. This role sits at the intersection of customer trust, compliance operations, audit readiness, risk management, documentation quality, and cross-functional execution.

Job Responsibility

  • Support audit readiness across core frameworks such as FedRAMP, SOC 2, and ISO 27001/27017/27018 by organizing evidence, maintaining documentation quality, and partnering with control owners to close gaps
  • Manage compliance operations that require structured follow-through, including evidence requests, policy and procedure updates, control narrative maintenance, and recurring review cycles
  • Partner cross-functionally with Security Engineering, DevOps, IT, Legal, People, Procurement, and other stakeholders to gather inputs, validate implementation details, and produce audit-ready or stakeholder-ready outputs
  • Help maintain strong execution against defined compliance SLAs, milestones, and recurring obligations, escalating risks early and driving issues through resolution
  • Translate technical, operational, and regulatory topics into clear written deliverables for internal and external audiences, including concise summaries of requirements, risks, tradeoffs, and recommendations
  • Support internal risk and governance processes, including security impact analyses, change-related compliance reviews, and other structured review workflows as assigned
  • Contribute to the on-going operation of the Public Sector Clearance Program, to include guiding new cohorts through the program, maintaining status and tracking open issues, and communicating program updates to Everlaw stakeholders
  • Manage customer security questionnaires, trust inquiries, and related diligence requests with minimal supervision, including researching answers, validating claims, gathering evidence, and producing accurate, customer-ready responses
  • Maintain and improve customer-facing trust content across repositories, trust portals, knowledge resources, and standard response libraries so that recurring requests can be answered more consistently and efficiently
  • Partner closely with Security Engineering, DevOps, Legal, GTM, Product, IT, and other stakeholders to collect inputs, resolve ambiguities, and ensure trust responses reflect current implementation and approved positioning
  • Help maintain strong execution against trust-related SLAs and operating expectations, including turnaround time, response quality, and internal coordination on high-priority or high-visibility requests
  • Identify gaps, inconsistencies, or stale content in trust materials and proactively drive updates so that customer-facing representations remain accurate, supportable, and easy to reuse
  • Support broader trust enablement initiatives, including trust center improvements, evidence library maintenance, standardization of response content, and process improvements that reduce manual effort and rework
  • Use workflow data and request trends to identify recurring customer concerns, bottlenecks, and improvement opportunities, then recommend practical changes to content, process, or tooling
  • Manage customer security questionnaire and trust inquiry workflows with minimal supervision, including researching answers, synthesizing evidence, improving repository content, and helping stakeholders receive timely and accurate responses
  • Own end-to-end delivery of moderately complex vendor review workstreams, including intake review, scoping, dependency management, stakeholder coordination, and timely completion with limited oversight
  • Conduct security and compliance reviews of third parties by gathering and analyzing documentation such as security questionnaires, architecture details, data flow information, attestations, policies, and contractual commitments
  • Evaluate vendor security posture against Everlaw requirements for confidentiality, integrity, availability, privacy, access control, incident response, change management, and regulatory obligations
  • Partner with Procurement, Legal, Security Engineering, IT, business owners, and other stakeholders to validate proposed use cases, clarify data access patterns, and ensure risks are understood before onboarding or renewal decisions are made
  • Help determine whether vendor controls, architecture, access models, and contractual terms are appropriate for the intended use case, and clearly document identified gaps, assumptions, compensating controls, and recommended next steps
  • Maintain strong execution against vendor review SLAs, queue expectations, and recurring review obligations, escalating blockers and higher-risk issues early
  • Own end-to-end delivery of moderately complex security training program workstreams, including planning, content coordination, stakeholder alignment, rollout tracking, and continuous improvement with limited oversight
  • Support the design, maintenance, and execution of security and compliance training required for Everlaw personnel, with particular attention to role-based, environment-specific, and regulatory training obligations
  • Maintain training content so it is accurate, current, and aligned with Everlaw policies, operational practices, and external requirements such as FedRAMP, CJIS, export control, and related obligations where applicable
  • Partner with GRCT, Legal, HR, Security, IT, and business stakeholders to gather subject matter input, validate training expectations, and ensure training materials reflect approved guidance and current operating reality
  • Coordinate recurring training cycles, onboarding-related assignments, acknowledgements, re-certifications, and related evidence collection so completion records are reliable, reviewable, and audit-ready
  • Help maintain strong execution against program deadlines, annual and periodic training obligations, and related audit or assessment requests by tracking status, identifying gaps early, and driving follow-through
  • Contribute to a training program that reinforces Everlaw principles by promoting disciplined execution, clear communication, respect for users, and a high bar for secure handling of sensitive data

Requirements

  • 5+ years of experience working as an individual contributor with a Governance, Risk, Compliance and Trust team
  • Strong working knowledge of customer trust, compliance operations, risk, and the evidence and control narratives needed to support questionnaires, reviews, and audits
  • Experience supporting FedRAMP, SOC 2, ISO 27001/27017/27018, or similar compliance frameworks
  • Experience leading the completion of customer security questionnaires and working within trust portals, evidence repositories, or other GRC tooling software
  • Experience using workflow, metrics, or dashboard data to improve trust and compliance operations and to meet defined SLAs
  • Ability to independently research moderately complex questions, synthesize inputs from multiple stakeholders, and produce high-quality written deliverables with a high bar for clarity and accuracy
  • Ability to communicate complex topics simply and concisely, tailor communication to the audience, and navigate moderate disagreement while keeping focus on shared outcomes
  • Organized and reliable, maintain momentum across planned work and ad hoc requests, and escalate thoughtfully before risks become blockers
  • Ability to think beyond the immediate request and consider how current decisions affect future operations, compliance posture, and stakeholder experience
  • Comfortable operating in environments with some ambiguity, shifting priorities, and multiple stakeholders
  • Sound judgment, professional maturity, and a strong sense of accountability when handling sensitive or high-visibility work

What we offer

  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Work in Downtown Oakland, just steps from the BART line and dozens of restaurants
  • Powerful Linux laptop
  • Team lunches and out-of-the-box events
  • Ranked #1 on G2 for Ediscovery Software and Momentum
  • Free eDiscovery resources through Everlaw for Good
  • Time off for company-sponsored volunteer events and 4 paid hours per quarter to volunteer at a charitable organization
  • Learning and career development opportunities

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Governance, Risk, Compliance & Trust Analyst

8 matching positions

IT Compliance and Governance Analyst

Software Resources has an immediate, long term contract job opportunity for an I...
Location
Location
United States , Orlando
Salary
Salary:
Not provided
softwareresources.com Logo
Software Resources
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience
  • Associate’s degree or higher, Bachelor’s degree preferred
  • Extensive experience working in IT with 5+ years in a Compliance role that includes defining strategy, implementing new processes, project management, vendor and contract management
  • Experience with hardware/software compliance lifecycle including regulations such as PCI, HIPAA, SOX etc.
  • ITIL Foundations preferred
  • IT Business Continuity planning experience preferred, especially IT Disaster Recovery planning
  • Working understanding of IT system platforms
  • Extensive process documenting experience is preferred
  • Extensive knowledge and experience working with applicable data security, compliance and privacy practice laws
  • One Trust experience would be great but 3+ years of experience in IRR/CMPs works
Job Responsibility
Job Responsibility
  • Acts as a subject matter expert for IT Compliance items
  • Assists with the administration and maintenance of policies and procedures for effective compliance management for all applicable IT related rules and regulations
  • Creates and monitors systems and management processes for effective compliance reporting and remediation
  • Manages remediation activities to ensure ongoing regulatory processes are followed
  • Collaborates with internal customers including HR, Security and Internal Audit, users, staff members, and IT colleagues to assist in the definition, development, and documentation of compliance related business requirements
  • objectives
  • deliverables
  • and specifications for projects and activities
What we offer
What we offer
  • medical, dental, and vision coverage
  • a 401(k) with company match
  • short-term disability
  • life insurance with AD&D
Read More
Arrow Right

Compliance Analyst II

Our client, a leading federally chartered financial institution, is seeking a se...
Location
Location
Canada , Toronto
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
July 26, 2026
Flip Icon
Requirements
Requirements
  • Any university degree
  • 4+ to 5+ years of proven compliance, audit, or second line testing experience within the banking or financial services sector
  • Strong working knowledge of Canadian banking regulations and legislation (e.g., Bank Act, PCMLTFA, PIPEDA, Trust and Loans Company Act)
  • Solid experience with the design, execution, and reporting of monitoring & testing (M&T) programs
  • Exceptional written and verbal communication skills, with a proven ability to translate complex legislative requirements into clear, actionable, plain-language documentation
  • Proven negotiation, relationship management, and conflict-resolution skills
  • ability to influence others without direct authority
Job Responsibility
Job Responsibility
  • Design, plan, and execute the bank's second line of defense monitoring and testing program based on risk levels and regulatory expectations
  • Develop annual testing plans, review control effectiveness, and prepare detailed, plain-language reports highlighting findings for business stakeholders
  • Communicate weaknesses in key controls to stakeholders and deliver value-added recommendations to resolve compliance risks
  • Ensure testing plans, results, and findings are accurately logged in the Regulatory Compliance Management Database (RCMD) and maintain documents on the team SharePoint site
  • Partner closely with internal teams, including the Line 1B Governance and Controls team, Internal Audit, Risk, and Legal, to manage potential compliance issues and action plans
  • Support the preparation of quarterly and annual compliance reporting, attestations, and content for Board of Directors or Committee meetings, as well as responses to regulatory requests
  • Update and maintain team training programs, policies, and procedures to ensure they evolve alongside a changing regulatory environment
What we offer
What we offer
  • Gain exposure to robust compliance programs within a premier, federally regulated financial institution
  • Enjoy the security of a guaranteed 1.5-year assignment with a high possibility of extension or permanent placement
  • Balance your week with a structured hybrid routine (in-office Tuesday, Wednesday, and Thursday
  • remote Monday and Friday)
  • Work closely with senior leaders, global testing centers of expertise, legal teams, and internal audit, offering immense professional development
  • Fulltime
Read More
Arrow Right

Data Infrastructure & Governance Analyst

We're seeking a Data Infrastructure & Governance Analyst, a high-impact individu...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree AND 4+ years experience in engineering, product/technical program management, data analysis, or product development OR equivalent experience
  • 2+ years of experience managing cross-functional and/or cross-team projects
  • Understanding of data management concepts including data quality, metadata, lineage, and data lifecycle management
  • Demonstrated understanding of data governance and data quality fundamentals
  • Effective analytical and problem-solving skills with the ability to work across technical and business teams
  • Experience supporting AI, analytics, or advanced reporting solutions
  • Familiarity with enterprise data platforms, data catalogs, and governance tools
  • Knowledge of Responsible AI, data privacy, and security principles
  • Experience working cross-functionally in a large, matrixed organization
  • Executive-ready communication skills with the ability to communicate insights clearly to leaders
Job Responsibility
Job Responsibility
  • Partner with data engineering and platform teams to support scalable, reliable data pipelines and analytical infrastructure for AI workloads
  • Ensure data sources used by AI models and analytics platforms are properly documented, discoverable, and fit-for-purpose
  • Contribute to standardization of data assets, metadata, and schemas to support reuse across AI initiatives
  • Implement and support data governance standards, policies, and controls across AI Acceleration use cases
  • Partner with Data Owners and Data Stewards to define data quality rules, metrics, and monitoring processes
  • Support metadata management, data catalogs, lineage, and classification to improve transparency and trust in data
  • Assist with compliance activities related to privacy, security, retention, and Responsible AI data usage
  • Enable AI scenarios by ensuring approved, high-quality data is available for model training, inference, and evaluation
  • Support data readiness assessments for AI initiatives, identifying risks and remediation actions early
  • Partner with analytics and AI teams to understand data requirements and translate them into governance and infrastructure actions
  • Fulltime
Read More
Arrow Right

Analyst, Security Compliance

As a Compliance Analyst, you will play an important role in supporting Teradata'...
Location
Location
United States , California
Salary
Salary:
76400.00 - 114500.00 USD / Year
teradata.com Logo
Teradata
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must be a U.S. person located in the United States
  • A bachelor's degree in Information Security, Information Systems, or a related field, or equivalent experience, plus 1 to 3 years of experience in security, compliance, IT audit, or a related role
  • Foundational knowledge of security and privacy frameworks like ISO 27001, ISO 42001, SOC 1/2, HITRUST, and PCI DSS
  • Familiarity with FedRAMP (NIST SP 800-53), CMMC, and NIST SP 800-171 is strongly preferred
  • Experience supporting audits, risk assessments, or evidence collection activities
  • Strong organizational skills and the ability to manage multiple priorities in a deadline-driven environment
  • Effective communication skills, with the ability to work collaboratively across technical and non-technical teams
  • A working understanding of cloud security concepts and controls across environments such as AWS, Microsoft Azure, or Google Cloud Platform (GCP)
  • Familiarity with technologies and controls spanning hosts, databases, networking, and applications
  • Exposure to federal compliance artifacts and activities (SSP, SAR, POA&M, ConMon reporting) is a strong plus
Job Responsibility
Job Responsibility
  • Support day-to-day operations of Teradata's FedRAMP Moderate authorization, including continuous monitoring (ConMon) deliverables, POA&M management and remediation tracking, significant change documentation, and 3PAO annual assessment support
  • Assist with Teradata's CMMC compliance activities, including evidence collection and control mapping aligned to NIST SP 800-171
  • Gather, organize, and provide evidence of Teradata's security controls to support internal and external audits and certification activities
  • Coordinate with internal stakeholders to support compliance initiatives across the broader framework portfolio, including ISO 27001, SOC 2 Type 2, PCI DSS, HIPAA, and HITRUST
  • Respond to customer and prospect security requests, including security documentation packages, questionnaires, and audit support
  • Develop and maintain compliance metrics to track program health and support continuous improvement reporting
What we offer
What we offer
  • Healthcare
  • Life and disability insurance plans
  • 401(k)-retirement savings plan
  • Time-off programs
  • Fulltime
Read More
Arrow Right

Credit Risk Analytics Intermediate Analyst

The Credit Portfolio Intermediate Analyst role is a senior individual contributo...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of relevant experience in credit card risk analytics, consumer lending, or financial analytics
  • Bachelor's /University degree or equivalent experience in business, Statistics, Mathematics, Finance, Economics, or related quantitative fields
  • Advanced SQL
  • strong experience in SAS and/or Python
  • Strong command of credit risk analytics: vintage, segmentation, forecasting
  • Good understanding of various risk factors including stress testing, collateral risk and volatility, concentration risks, liquidity, and wrong way risk, with demonstrated experience in reviewing these factors and challenging any discrepancies
  • Expertise in translating analytics into business decisions
  • Advanced PowerPoint storytelling and data visualization
  • Deep understanding of credit card lifecycle and risk economics
  • Ability to influence decisions through data and judgment, Strong strategic thinking and problem structuring
Job Responsibility
Job Responsibility
  • Own end-to-end portfolio risk monitoring across delinquency, losses, payment behavior, and utilization
  • Lead vintage, cohort, and segmentation analysis to identify structural vs cyclical risk trends
  • Diagnose root causes of performance shifts and quantify P&L and capital impact
  • Define key risk indicators and ensure timely escalation of emerging risks
  • Support creation and maintenance of risk dashboards and MIS
  • Assist in diagnosing portfolio performance changes and segment-level risk drivers
  • Own risk assessment of acquisition strategies across channels and products
  • Evaluate early lifecycle risk (FPD, early delinquency) and recommend corrective actions
  • Partner with Product and Marketing to optimize risk-adjusted acquisition growth
  • Challenge business proposals using data-backed risk insights
  • Fulltime
Read More
Arrow Right

Data Governance Foundation Senior Lead Analyst

The Data Governance Foundation Sr Lead Analyst is responsible for leading activi...
Location
Location
United States , Charlotte; Getzville
Salary
Salary:
145840.00 - 218760.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience, Banking or Finance industry preferred in a Data Governance/ Data Management/ Process Engineering or related area
  • Communicates effectively, develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences
  • able to drive consensus, and influence relationships at all levels
  • Collaborates effectively by building partnerships and working well with others to meet shared objectives
  • Strong negotiation, influencing and stakeholder management skills across a variety of stakeholders at different levels
  • Optimizes work processes by balancing effective / efficient processes with a focus on continuous improvement. Demonstrates ability to balance between seeing the “big picture” while paying close attention to detail
  • Organizational savvy: understands systems, management processes, knows where to go for information and how to interpret them
  • Working knowledge of Data Operating Model practices, Data Governance and Data Compliance within large, financial services firms, Data Concepts, and the Corporate Lending products
  • Bachelor's/University degree, Master's degree preferred
Job Responsibility
Job Responsibility
  • Strategic Data Leadership: Drive the day-to-day execution and adoption of Citi's Data Transformation Plan, guiding data initiatives from concept to implementation
  • Subject Matter Expertise: Serve as a trusted subject matter expert within Banking, specifically Wholesale Lending for planning and analysis of project deliverables and processes, liaising with multiple teams
  • Stakeholder Collaboration: Build and nurture strong relationships with key stakeholders across the organization, facilitating seamless execution through effective meetings and communication
  • Project & Risk Management: Proactively identify, assess, and mitigate project risks and issues, proposing innovative solutions and ensuring timely delivery of complex data projects
  • Data Governance & Quality Assurance: Champion data quality, lineage, and governance frameworks, independently conducting analyses to develop robust business requirements, manage data issues, and define data quality rules
  • Data Analysis - Analyze banking and financial data (deposits, credit/debit cards, payments, etc). Write complex SQL queries, profile data, and support data modeling. Collaborate with SMEs, Data Architects, Product Owners, and technical teams to deliver data-driven solutions
  • Lead business analysis through collection, analysis, review, documentation and communication of business needs and requirements, to understand requirements and aligning these to Data Governance and/or Data Risk and Controls standards to drive appropriate solutions
  • Contribute to the establishment of Data Governance and/or Data Risk and Controls standards in alignment with Enterprise Chief Data Office, and ensure proper documentation of processes
  • Support key Data Transformation projects across the organization as Subject Matter Expert in data policies
  • Collaborate with colleagues to ensure timely execution of milestones, provide reporting of potential risks to delivery, and incorporate milestone reporting and changes
What we offer
What we offer
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right

Risk Identification 2nd Line of Defense Senior Analyst

Citi’s Enterprise Risk Identification function is responsible for the comprehens...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Comprehensive knowledge and experience in risk management
  • Familiarity with banking products and environment
  • Experience in handling problem situations
  • Proven experience in driving change within an organization
  • Good problem-solving skills and attention-to-detail
  • Ability to operate with guidance
  • Exceptional organizational skills, able to manage multiple tasks effectively
  • Sound critical thinking skills and business judgment
  • Strong written and verbal communication skills
Job Responsibility
Job Responsibility
  • Support execution of Risk Identification frameworks including policy, procedures, process and governance
  • Assist the team in its oversight of the First and Second Lines of Defense for the continued alignment of risk identification, measurement, monitoring and reporting practices across Citi’s businesses and functions
  • Support assessment of Risk Identification linkages to other risk management framework components / Enterprise programs such as risk appetite, stress testing, etc.
  • Display understanding of applicable regulatory guidance and support Citi’s continued efforts to address its various regulatory commitments
  • Understand internal and external environment and display effective data analysis and writing skills
  • Support Risk Identification training maintenance and timely roll-out to applicable stakeholders
  • Assist in the continued enhancement of Risk Identification technology capabilities and user support for the execution of the quarterly Risk Identification process
  • Identify opportunities to add value beyond the scope of formal projects e.g., develop impactful presentations for senior management and stakeholder decisions
  • Establish and leverage cross-functional partnerships and network with key internal stakeholders
  • Performs other duties and functions as assigned
What we offer
What we offer
  • Access to telehealth options, health advocates, confidential counseling
  • Paid Parental Leave Policy
  • Resources to manage financial well-being and help plan for the future
  • Access to an array of learning and development resources
  • Generous paid time off packages
  • Resources and tools to volunteer in the communities
  • Fulltime
Read More
Arrow Right

Risk Identification 2nd Line Of Defense Lead Analyst

Citi’s Enterprise Risk Identification function is responsible for the comprehens...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of relevant experience
  • Comprehensive knowledge and experience in risk management
  • Familiarity with banking products and environment
  • Experience in handling problem situations
  • Proven experience in driving change and operate with limited oversight within an organization
  • Good problem-solving skills and attention-to-detail
  • Ability to operate with guidance
  • Exceptional organizational skills, able to manage multiple tasks effectively
  • Sound critical thinking skills and business judgment
  • Strong written and verbal communication skills
Job Responsibility
Job Responsibility
  • Maintain and support the execution of Risk Identification frameworks including policy, procedures, process and governance
  • Provide active guidance and oversight to the First and Second Lines of Defense for the continued alignment of risk identification, measurement, monitoring and reporting practices across Citi’s businesses and functions
  • Establish and enhance explicit Risk Identification linkages to other risk management framework components / Enterprise programs such as risk appetite, stress testing, etc.
  • Display strong understanding of applicable regulatory guidance and support Citi’s continued efforts to address its various regulatory commitments
  • Review internal and external environment, summarize multiple data sources and display effective writing skills for senior management
  • Support Risk Identification training maintenance and roll-out to applicable stakeholders
  • Support continued enhancement of Risk Identification technology capabilities and user support for the execution of the quarterly Risk Identification process
  • Identify opportunities to add value beyond the scope of formal projects e.g., develop and deliver impactful presentations for senior management and stakeholder decisions, drive closure of identified issues
  • Establish and leverage cross-functional partnerships and network with key internal stakeholders
  • Performs other duties and functions as assigned
What we offer
What we offer
  • Access to telehealth options, health advocates, confidential counseling
  • Paid Parental Leave Policy
  • Resources to manage financial well-being and help plan for the future
  • Access to an array of learning and development resources
  • Generous paid time off packages
  • Resources and tools to volunteer in the communities
  • Fulltime
Read More
Arrow Right