Compliance analyst workspace with dual monitors showing audit dashboards, monstera plant, and foreign postal stamp mug in a home office
"

I closed a SOC 2 Type II from a café in Cape Town.
My client never knew I wasn't in Chicago.

Amara Osei, Senior Compliance Analyst, Cape Town
Amara Osei
Senior Compliance Analyst · Cape Town
Team Member

Serious work.
No office required.

Comply deploys regulatory specialists across 17 time zones — SOC 2, GDPR, FDA, HIPAA — from wherever they do their best thinking.

17Time Zones
94Team Members
340+Audits Closed
6Open Roles
SOC 2 Type II ·GDPR Article 30 ·FDA 21 CFR Part 11 ·HIPAA Security Rule ·ISO 27001 ·CCPA ·FedRAMP ·PCI DSS ·NIST 800-53 ·SOX ITGC ·SOC 2 Type II ·GDPR Article 30 ·FDA 21 CFR Part 11 ·HIPAA Security Rule ·ISO 27001 ·CCPA ·FedRAMP ·PCI DSS ·NIST 800-53 ·SOX ITGC ·
The Problem

We know exactly what you've
been muttering to yourself.

01

Another 80-hour audit season?

Q4 used to mean cancelling everything. Holidays, weekends, your own sanity. You delivered results and got a pizza party.

SOC 2
Lisbon, Portugal
WET (UTC+0)
Avg Comply engagement
32 hrs/week
Capped. Enforced.
02

Relocate or resign?

The promotion required moving to a city you didn't choose. The client was in one place, the firm in another, and you were stuck in the middle.

GDPR
Nairobi, Kenya
EAT (UTC+3)
Current team cities
38
Across 6 continents
03

Billable hours but no life?

Your utilisation rate was 115%. Your manager called it a good problem to have. Your family had a different word for it.

HIPAA
Medellín, Colombia
COT (UTC-5)
Async-first ratio
78%
Of all team comms
Open Roles

Your desk is wherever
you open your laptop.

Person working on laptop with compliance documents and audit spreadsheets on dual monitors
UrgentFull-time · Contract

SOC 2 Audit Lead

Own end-to-end SOC 2 engagements for Series B–D SaaS companies. You'll manage evidence collection, auditor liaising, and remediation roadmaps. 2–3 concurrent clients.

SOC 2 Type ISOC 2 Type IICOSO
$145–185/hrAny timezone
Data privacy professional reviewing GDPR documents at a standing desk with city view
Open

GDPR Data Protection Officer

$120–150/hr

Serve as fractional DPO for 4–6 EU-market startups. Article 30 records, DPIAs, breach response.

GDPRUK GDPRePrivacy
Medical regulatory specialist reviewing FDA submission documents with clinical data charts
Open

FDA Regulatory Strategist

$165–210/hr

Guide medtech and digital health clients through pre-submission meetings and 510(k) preparation.

21 CFR Part 11510(k)Pre-Sub
Privacy engineer coding at a laptop with multiple terminal windows and privacy framework documentation
Urgent

Privacy Engineer

$130–165/hr

Embed with engineering teams to build privacy-by-design into product roadmaps. Code reviews, PETs implementation, data flow architecture.

CCPAGDPR
Any timezone
Healthcare compliance professional reviewing HIPAA security documentation on tablet
Open

HIPAA Security Specialist

$135–170/hr

Risk assessments, BAA reviews, and security rule gap analysis for healthtech companies scaling their patient data infrastructure.

HIPAAHITECH
US timezones
The Offer

What your desk
comes with.

We built the structure we wished existed when we were billing 115% utilisation for someone else's P&L.

78%
Async communication

Async-First Culture

78% of team comms happen outside real-time. Stand-ups are optional. Documentation is the default.

💻
$2,400
Annual equipment budget

Equipment Stipend

$2,400/year to build the workspace that makes you dangerous. Monitors, standing desks, noise-cancelling — your call.

🌍
+15%
New jurisdiction bonus

Jurisdiction Bonuses

First engagement in a new framework? +15% rate. Rare expertise shouldn't be invisible on your paycheck.

🛡️
32 hrs
Hard weekly cap

Capped Engagements

32 hours per week, enforced — not aspirational. We've fired clients for exceeding it. Twice.

📅
60%
Bench rate (paid)

Bench Time Paid

Between engagements? You're still on the clock at 60% rate. We don't believe in zero-income gaps.

🔍
100%
Deliverables peer-reviewed

Peer Review Network

Every deliverable gets eyes from at least one senior peer. Your reputation travels — we protect it.

Remote compliance team members on a video call from different time zones, each in their home workspace
Team Pulse · Feb 2026
"The bench pay kept me sane between projects."
Priya Nair · Privacy Engineer · Bangalore
4.9/5
Avg team satisfaction
Annual survey, 89% response
91%
Contract renewal rate
Returning clients, 2025
0
Mandatory relocations
In 6 years of operation
38
Cities represented
Across 6 continents
The Team

Real humans. Real places.
Real compliance work.

Filter by where you'd work alongside them.

Timezone:
Framework:
Amara Osei, Senior Compliance Analyst based in Cape Town
SAST (UTC+2)
SOC 2

Amara Osei

Since 2022
Senior Compliance Analyst
📍 Cape Town
12 engagements closedEnglish
Priya Nair, Privacy Engineer based in Bangalore
IST (UTC+5:30)
GDPR

Priya Nair

Since 2023
Privacy Engineer
📍 Bangalore
9 engagements closedEnglish
Carlos Mendez, FDA Regulatory Strategist based in Medellín
COT (UTC-5)
FDA

Carlos Mendez

Since 2023
FDA Regulatory Strategist
📍 Medellín
7 engagements closedSpanish
Ingrid Larsson, GDPR Data Protection Officer based in Lisbon
WET (UTC+0)
GDPR

Ingrid Larsson

Since 2021
GDPR Data Protection Officer
📍 Lisbon
14 engagements closedSwedish
Kwame Asante, HIPAA Security Specialist based in Nairobi
EAT (UTC+3)
HIPAA

Kwame Asante

Since 2022
HIPAA Security Specialist
📍 Nairobi
11 engagements closedEnglish
Yuki Tanaka, ISO 27001 Lead Auditor based in Singapore
SGT (UTC+8)
ISO 27001

Yuki Tanaka

Since 2023
ISO 27001 Lead Auditor
📍 Singapore
8 engagements closedJapanese
Passive Pipeline

Not ready to apply?

Join the Bench. Leave your email and specialty — we'll reach out when the right engagement lands.