Security Compliance Analyst Jobs in California
Security Compliance Analyst jobs in California represent one of the most active markets in the country, concentrated in technology, defense contracting, financial services, and healthcare, with openings at every level from entry-level GRC associates through senior compliance architects. The heaviest hiring activity is in San Francisco, Los Angeles, and San Diego, where anchor employers such as Google, Lockheed Martin, and Kaiser Permanente maintain large security and compliance functions. The most in-demand specializations are cloud security compliance, HIPAA and CMMC frameworks, and third-party risk management. Find a role that fits below and apply directly.
Find JobsOverview
Showing 5 of 23+ Security Compliance Analyst jobs
INTRODUCTION
Cooley is seeking an IG Compliance & Security Analyst to join the Information Governance & Data Privacy team.
Position Summary:
Cooley Information Services (IS) embraces a culture of customer service excellence and all members of the department are expected to move this agenda forward. To that end, the IG Compliance & Security Analyst is expected to recognize that the Cooley IS Department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.
Position responsibilities:
- Conduct both internal and external audits to ensure compliance with all industry-mandated regulations
- Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures
- Monitor activities of assigned IS areas to ensure compliance with internal policies and standards
- Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance
- Provide guidance to business functions on compliance/security-related matters
- Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings
- Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables
- Conduct formal risk assessment reviews to determine the critical points of business exposure
- Evaluate and recommend commercial governance, risk and compliance vendors and tools
- Maintain the firm’s ISO 27001 certification
- Maintain the firm’s governance, risk and compliance tools
- Answer client assessment and audits to ensure firm compliance
- Perform assessments and audits of vendors to ensure compliance with firm security policies and procedures
- Develop and maintain metrics that assess the firm’s governance, risk and compliance initiatives
- Assess and track the firm’s compliance to existing and future global regulations in privacy and security
- Assess and track the firm’s compliance with standard security frameworks such as ISO and NIST
- Assist in the identification of risks, threats and vulnerabilities to firm
- Track risks and mitigation efforts
- Participate in governance, risk and compliance forums and organizations to learn new ideas to solve problems
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change
- Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status
- Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile
- All other duties as assigned or required
Skills and experience:
Required:
- Ability to work extended and/or weekend hours, as required
- Ability to travel, as required
- 3+ years’ experience in governance, risk and compliance (GRC) processes, solutions, information security and auditing; Eligible for consideration of Senior designation with 5+ years’ directly applicable work experience
- CISSP or equivalent certifications and/or experience
- Demonstrated ability to apply IS-related knowledge and experience in solving compliance issues
- Background in security controls, auditing, network and system security
- Proven practical experience in information security and well-rounded knowledge of IST
- Experience with managing and implementing ISO 27001 or NIST compliance
- Demonstrated experience evaluating the security posture of vendors and system architecture
- Prior experience implementing and running incident management programs and systems
- Prior experience handling vendor relationships
- Project management experience
Preferred:
- Bachelor’s degree in Information Technology or Computer Information Systems
- Prior law firm experience
- Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related GIAC
- Experience acting in an independent audit function
- Experience implementing GDPR, HIPAA, SOC 2 audits
- Additional security certifications
Competencies:
- Exceptional customer service skills
- Ability to express technical concepts in business terms
- Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently
- Excellent analytical, problem-solving and project management skills
- Ability to balance security best practices with business objectives
- Proven track record of excellent decision-making, integrity and working with IS management, business users and staff
- Excellent oral and written communication skills, including technical and user documentation
- Detail orientated and strong organizational skills
- Ability to work independently and under high pressure with tight schedules and deadlines
- Ability to interact well with all levels of staff
- Excellent active listening skills
- Ambitious and motivated team player
- Capable of grasping new concepts quickly and without prior experience
- Ability to interact and coordinate with several teams to achieve objectives
- Ability to solve problems independently and simultaneously, effectively managing multiple tasks
- Professional demeanor at all times
Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices.
EOE.
The expected annual pay range for this position with a full-time schedule is $88,000 - $124,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience.
We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off (“PTO”) and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.
INTRODUCTION
Cooley is seeking an IG Compliance & Security Analyst to join the Information Governance & Data Privacy team.
Position Summary:
Cooley Information Services (IS) embraces a culture of customer service excellence and all members of the department are expected to move this agenda forward. To that end, the IG Compliance & Security Analyst is expected to recognize that the Cooley IS Department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.
Position responsibilities:
- Conduct both internal and external audits to ensure compliance with all industry-mandated regulations
- Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures
- Monitor activities of assigned IS areas to ensure compliance with internal policies and standards
- Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance
- Provide guidance to business functions on compliance/security-related matters
- Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings
- Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables
- Conduct formal risk assessment reviews to determine the critical points of business exposure
- Evaluate and recommend commercial governance, risk and compliance vendors and tools
- Maintain the firm’s ISO 27001 certification
- Maintain the firm’s governance, risk and compliance tools
- Answer client assessment and audits to ensure firm compliance
- Perform assessments and audits of vendors to ensure compliance with firm security policies and procedures
- Develop and maintain metrics that assess the firm’s governance, risk and compliance initiatives
- Assess and track the firm’s compliance to existing and future global regulations in privacy and security
- Assess and track the firm’s compliance with standard security frameworks such as ISO and NIST
- Assist in the identification of risks, threats and vulnerabilities to firm
- Track risks and mitigation efforts
- Participate in governance, risk and compliance forums and organizations to learn new ideas to solve problems
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change
- Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status
- Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile
- All other duties as assigned or required
Skills and experience:
Required:
- Ability to work extended and/or weekend hours, as required
- Ability to travel, as required
- 3+ years’ experience in governance, risk and compliance (GRC) processes, solutions, information security and auditing; Eligible for consideration of Senior designation with 5+ years’ directly applicable work experience
- CISSP or equivalent certifications and/or experience
- Demonstrated ability to apply IS-related knowledge and experience in solving compliance issues
- Background in security controls, auditing, network and system security
- Proven practical experience in information security and well-rounded knowledge of IST
- Experience with managing and implementing ISO 27001 or NIST compliance
- Demonstrated experience evaluating the security posture of vendors and system architecture
- Prior experience implementing and running incident management programs and systems
- Prior experience handling vendor relationships
- Project management experience
Preferred:
- Bachelor’s degree in Information Technology or Computer Information Systems
- Prior law firm experience
- Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related GIAC
- Experience acting in an independent audit function
- Experience implementing GDPR, HIPAA, SOC 2 audits
- Additional security certifications
Competencies:
- Exceptional customer service skills
- Ability to express technical concepts in business terms
- Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently
- Excellent analytical, problem-solving and project management skills
- Ability to balance security best practices with business objectives
- Proven track record of excellent decision-making, integrity and working with IS management, business users and staff
- Excellent oral and written communication skills, including technical and user documentation
- Detail orientated and strong organizational skills
- Ability to work independently and under high pressure with tight schedules and deadlines
- Ability to interact well with all levels of staff
- Excellent active listening skills
- Ambitious and motivated team player
- Capable of grasping new concepts quickly and without prior experience
- Ability to interact and coordinate with several teams to achieve objectives
- Ability to solve problems independently and simultaneously, effectively managing multiple tasks
- Professional demeanor at all times
Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices.
EOE.
The expected annual pay range for this position with a full-time schedule is $88,000 - $124,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience.
We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off (“PTO”) and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.
See All 23 Security Compliance Analyst Jobs in California
Find roles in California that match your experience and apply in just a few clicks.
Find JobsSecurity Compliance Analyst Jobs by City in California
Where California roles are concentrated, by current openings.
Security Compliance Analyst Job Market in California
A snapshot from current California openings, updated as new roles post.
Who's Hiring
- Coinbase2
- Control Risks2
- Meta2
- Adobe1
- CRUSOE1
Top Industries Hiring
- Technology & Software9
- Consulting & Professional Services2
- Education2
- Investment & Asset Management2
- Artificial Intelligence1
What California Employers Look For
The qualifications that appear most often in security compliance analyst jobs across California.
- Bachelor's degree in information security, computer science, cybersecurity, or a related field
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification preferred
- Hands-on experience with NIST, ISO 27001, SOC 2, or CMMC compliance frameworks
- Familiarity with California Consumer Privacy Act (CCPA) requirements and data privacy regulations
- Experience conducting security risk assessments, audits, and gap analyses
- Proficiency with GRC platforms such as ServiceNow, Archer, or similar compliance management tools
Security Compliance Analyst Jobs in California: Frequently Asked Questions
How do you become a security compliance analyst in California?
Most California employers require a bachelor's degree in cybersecurity, information systems, or a related field as the foundation. California does not issue a state-specific license for this role, but widely recognized certifications such as CISSP, CISM, or CompTIA Security+ carry significant weight with hiring managers. Candidates who build familiarity with CCPA and California-specific data privacy obligations alongside federal frameworks like NIST and SOC 2 stand out in the California market.
How much do security compliance analysts make in California?
Security compliance analysts in California earn a median of about $138,570 a year, based on May 2025 Bureau of Labor Statistics wage data, ranging from around $66,070 for the lowest 10% to over $221,000 for the top 10%. Pay rises with experience, specialty, and employer.
Which companies hire security compliance analysts in California?
Employers hiring security compliance analysts in California right now include Coinbase, Control Risks, and Meta, based on current listings on Migrate Mate as of June 2026. California's concentration of defense contractors, major tech firms, and large hospital systems means demand stays consistent across both private and regulated-industry employers throughout the year.
Which California cities have the most security compliance analyst jobs?
San Francisco, Menlo Park, and San Diego have the most security compliance analyst openings in California. San Francisco leads because of the density of technology companies and financial services firms headquartered there, while Los Angeles draws hiring from entertainment, aerospace, and healthcare sectors, and San Diego's strong defense contracting and biotech presence accounts for significant demand in that region.
Are there remote security compliance analyst jobs in California?
Yes, and more than most fields. Security compliance analysis is primarily a desk-based, documentation-driven role, which makes it well suited to remote and hybrid arrangements. About 35% of security compliance analyst openings tied to California are remote or hybrid as of June 2026, reflecting the flexibility that tech and financial services employers in particular routinely offer. Policy review, audit coordination, and risk assessment work are the functions most commonly performed fully remotely.
How can I get hired as a security compliance analyst in California with little or no experience?
The most realistic entry path is moving laterally from an IT helpdesk, systems administration, or junior auditing role, since California employers regularly hire people from those adjacent positions into entry-level compliance associate or GRC analyst titles. Large California employers in technology and healthcare, including companies headquartered in Silicon Valley and the Los Angeles Basin, often post associate-level GRC roles that require only foundational security knowledge. Earning a CompTIA Security+ or completing a recognized cybersecurity certificate program strengthens an application considerably before the first interview.
Where can I find and apply to security compliance analyst jobs in California?
You can find and apply to security compliance analyst jobs in California on Migrate Mate, which lists current California openings across industries and experience levels. Search for roles that match your background, review the listings, and apply directly to the ones that fit.
See All 23 Security Compliance Analyst Jobs in California
Find roles in California that match your experience and apply in just a few clicks.
Find Jobs