Spellbook
legaltech
Compliance Analyst, US Compliance Programs
“Compliance Analyst, US Compliance Programs at Spellbook. Skills: US compliance program, security and compliance frameworks, audit evidence collection, compliance automation or GRC platforms, translating requirements into actionable plans, partnering with technical teams, communication skills, organization, risk assessment, US Citizenship. Implement and maintain US compliance program initiatives across government, healthcare, financial services, and enterprise SaaS customer requirements. Drive r”
What You'll Achieve.
- Operationalizing framework requirements
- Preparing for audits and assessments
- Maintaining audit-quality evidence
- Pushing government compliance initiatives forward with urgency
- Reducing manual work, improving evidence quality, and accelerating program execution
Industry & Context.
Pragmatic at distinguishing high-priority compliance risks from lower-impact administrative issues
US Citizenship and a non-expired US Passport or state-issued REAL ID driver's license.
What They're Looking For.
Must Have
- Experience in compliance, security assurance, GRC, audit, risk management, privacy, or a related function — ideally supporting a SaaS, cloud, AI, legaltech, fintech, healthtech, or public sector environment.
- Hands-on experience collecting audit evidence, maintaining control documentation, tracking remediation, and supporting internal or external assessments.
- Experience using compliance automation or GRC platforms such as Vanta, Linear, or similar tools.
- Ability to read framework requirements, customer obligations, and regulatory guidance and convert them into actionable project plans.
- Experience partnering with technical teams to understand systems, access controls, data flows, infrastructure, cloud environments, and security control implementation.
- Excellent written and verbal communication skills, with the ability to explain compliance requirements in plain English to technical, legal, business, and executive audiences.
- Highly organized and comfortable managing multiple compliance workstreams, deadlines, audits, and stakeholder dependencies at the same time.
- Pragmatic at distinguishing high-priority compliance risks from lower-impact administrative issues, and able to move with urgency in ambiguous environments.
- US Citizenship and a non-expired US Passport or state-issued REAL ID driver's license.
Nice to Have
- Experience supporting or implementing TX-RAMP, GovRAMP, FedRAMP, or other public sector cloud compliance initiatives.
- Experience with HIPAA compliance, healthcare customer requirements, BAAs, ePHI safeguards, or healthcare security assessments.
- Direct experience working with 3PAOs, external auditors, government assessors, or public sector procurement teams.
- Experience with NIST 800-53 control mapping, SSPs, POA&Ms, continuous monitoring, authorization boundaries, customer responsibility matrices, or audit evidence packages.
- Certifications such as CISA, CRISC, CISM, CISSP, CCSK, ISO 27001 Lead Implementer/Auditor, CIPP/US, or similar.
What You'll Do.
- Implement and maintain US compliance program initiatives across government, healthcare, financial services, and enterprise SaaS customer requirements.
- Drive readiness, implementation, and ongoing maintenance for frameworks such as TX-RAMP, GovRAMP, FedRAMP, HIPAA, SOC 2, and other security or privacy compliance obligations.
- Manage compliance operations in platforms like Vanta — evidence collection, employee compliance tasks, and audit-readiness workflows.
- Coordinate with external auditors, assessors, consultants, legal advisors, and certification bodies through every phase of an engagement.
- Lead government compliance initiatives, including control mapping, documentation packages, and customer-facing compliance responses.
- Maintain compliance artifacts, including policies.
- Track framework and customer requirement changes and translate them into practical updates to internal controls and workflows.
- Partner with Sales and Customer Success on security questionnaires, public sector procurement requirements, and regulated customer due diligence.
- Define repeatable compliance workflows for intake and compliance tooling to reduce manual work, improve evidence quality, and accelerate program execution.
- Support other responsibilities and projects as required.
How You'll Work.
Team & Collaboration
- Partner closely with our Director of Security & IT.
- Work cross-functionally with Engineering, Legal, Sales, and Customer Success.
- Partner with Sales and Customer Success on security questionnaires, public sector procurement requirements, and regulated customer due diligence.
- Coordinate with external auditors, assessors, consultants, legal advisors, and certification bodies.
Communication Scope
Excellent written and verbal communication skills, with the ability to explain compliance requirements in plain English to technical, legal, business, and executive audiences.
Process & Methodology
- Ability to read framework requirements, customer obligations, and regulatory guidance and convert them into actionable project plans.
- Highly organized and comfortable managing multiple compliance workstreams, deadlines, audits, and stakeholder dependencies at the same time.
Full Job Description
Spellbook is the most comprehensive AI copilot for transactional lawyers. It works directly inside Microsoft Word to help legal teams draft, review, and negotiate contracts up to 10x faster and with greater precision. Today, more than 4,000 law firms, in-house teams, and solo practitioners rely on Spellbook to simplify their workflows and eliminate the drudgery of everyday contract work. We are backed by leading investors including Khosla Ventures, Thomson Reuters Ventures, Inovia Capital, The LegalTech Fund, Bling Capital, and Moxxie Ventures. The company recently raised $50 million in Series B funding, led by Keith Rabois at Khosla Ventures, bringing its total funding to more than $80 million.

*This is an existing vacancy

ABOUT THE ROLE

Legal teams worldwide trust Spellbook with sensitive, confidential, and privileged information, and we're looking for a Compliance Analyst to help us hold up our end of that trust. You'll build, implement, and scale Spellbook's US compliance program across government, healthcare, financial services, and other regulated customers — operationalizing framework requirements, preparing for audits and assessments, maintaining audit-quality evidence, and pushing government compliance initiatives forward with urgency. You'll partner closely with our Director of Security & IT and work cross-functionally with Engineering, Legal, Sales, and Customer Success. This is a hands-on execution role for someone who can translate complex frameworks, regulations, and customer requirements into practical internal processes that keep Spellbook moving quickly and responsibly.

RESPONSIBILITIES

• Implement and maintain US compliance program initiatives across government, healthcare, financial services, and enterprise SaaS customer requirements.
• Drive readiness, implementation, and ongoing maintenance for frameworks such as TX-RAMP, GovRAMP, FedRAMP, HIPAA, SOC 2, and other security or privacy compliance obligations.
• Manage compliance operations in platf