Security Risk and Compliance Analyst

Benefits

Parental leave

Not verified

Non-birth-parent leave

Not verified

Family-building benefits

• Fertility benefits: Not verified
• Adoption assistance: Not verified
• Surrogacy assistance: Not verified

Mental health support

Not verified

Relocation assistance

Not verified

Childcare support

Not verified

Learning budget

Not verified

Verification

Not verified last checked Jun 13, 2026

Salary

Not verified not verified - source not recorded; timestamp not recorded

401(k) match

Listed Source: EMPLR_CONTRIB_INCOME_AMT. source Last checked Jun 13, 2026.

Was this benefit information wrong? Tell us.

Schedule

Shift type

Not verified

Weekend work

Not verified

Application

Cover letter

Not verified

Assessment

Not verified

Deadline

Not stated

Where they hire

State eligibility is not yet verified.

About this role

Security Risk and Compliance Analyst San Francisco Role Overview As a Security Risk and Compliance Analyst you will play a hands-on role in maturing and operating Asana's compliance and certification programme-specifically across controls maturity, policy governance, and audit execution. This role sits at the intersection of traditional GRC work and compliance engineering: you will help maintain our control frameworks and run our audit cycles, while also contributing to the automation initiatives that make our compliance programme scalable and repeatable. This is an excellent opportunity for someone with early-career GRC experience who is excited to grow their technical skills and help shape how a high-growth SaaS company approaches compliance automation. You will partner closely with Security Engineering, Legal, Privacy, and R&D to ensure our controls are effective, our evidence pipelines are reliable, and our certifications-SOC 2, ISO 27001, and FedRAMP-are maintained with rigour. This role is based in our San Francisco office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. If you're interviewing for this role, your recruiter will share more about the in-office requirements. What You'll Achieve Controls Maturity & Certifications - Support the maintenance and continuous improvement of Asana's control framework, tracking control effectiveness across SOC 2, ISO 27001, FedRAMP Moderate, and other applicable standards. - Proactively engage with a wide range of teams-including Engineering, IT, and People-to work through controls maturity activities, close existing gaps, and drive remediation efforts to completion

Read the full description at www.asana.com. FewerJobs shows a source-linked preview and links to the original posting.