Lever
Certifications & attestations
| Certification | Status | Source | Last verified |
|---|---|---|---|
| SOC 2 Type II Issued by Schellman for Lever by Employ. Full report available via Employ's Security & Compliance information package (on request through support/sales). | Verified | vendor source ↗ | June 10, 2026 |
| ISO 27001 Certificate issued by Schellman to Employ Inc. (Lever's parent company), not to Lever as a standalone product. | Verified | vendor source ↗ | June 10, 2026 |
| CSA STAR CSA CAIQ self-assessment completed by Employ. | Verified | vendor source ↗ | June 10, 2026 |
→ Direct answer: Does Lever have SOC 2?
Subprocessors
Subprocessor extraction for Lever is pending.
Hosting & data residency
- InfrastructureAmazon Web Services
- Data residencyHosted in AWS US-West-2 and EU-Central-1; customers can configure retention policies by geographic region (per security page, 2026-06-10). DPA available on request — no public URL.
Trust documents & links
- Trust centernone found
- Security pagehttps://www.lever.co/security/
- DPAnot yet recorded
- Status pagehttps://status.lever.co
Security incidents & disclosures
No incidents on record in the public sources we track, as of June 10, 2026. Absence of a record is not a guarantee — see methodology.
Change history
2026-06-10
Vendor added with a verified initial snapshot: SOC 2 Type II (Schellman), ISO 27001 (issued to parent Employ Inc.), and CSA CAIQ confirmed against lever.co/security (fetched 2026-06-10). Lever has been part of Employ Inc. — certifications are held at the Employ level.