Exploring Ideas: A Blog on Technology, Startups, Food, and More
The HR Audit: Reviewing Job Postings for Legal Compliance and Risk Management

The HR Audit: Reviewing Job Postings for Legal Compliance and Risk Management

This is the third in a four-part series on analyzing job postings from different perspectives: as a candidate, as a hiring manager, as an HR partner, and as a competitive analyst.

Disclaimer: This post is for informational purposes only and does not constitute legal advice. I am not a lawyer. Employment law varies significantly by jurisdiction and changes frequently. Always consult with qualified legal counsel for specific compliance questions and before implementing any HR policies or practices.

The call came at 4:47 PM on a Friday. Your employment attorney needed to discuss a job posting that had been live for three days. The hiring manager, trying to attract “high-energy” candidates, had included language about looking for “young, dynamic professionals” who could “keep up with our fast-paced startup culture.” What seemed like enthusiasm to the hiring team looked like age discrimination to your legal counsel.

Job postings are official company communications that create compliance exposure from the moment they go live. Every word choice matters, every requirement needs justification, and every company policy or cultural description can become evidence in potential litigation. Professionals need to develop a systematic approach to reviewing job postings that balances legal protection with effective hiring practices.

The Legal Landscape: What You’re Actually Protecting Against

Job posting compliance spans federal, state, and local regulations, each with different requirements and penalties. The major areas of concern include:

Protected Class Discrimination (Federal): Title VII, ADA, ADEA, and other federal laws prohibit discrimination based on race, color, religion, sex, national origin, age (40+), disability, and other protected characteristics. But the violations aren’t always obvious.

State and Local Protected Classes: Many jurisdictions extend protection to categories like sexual orientation, gender identity, marital status, military status, political affiliation, or arrest/conviction history. A job posting legal in Texas might violate New York City local ordinances.

Pay Transparency Requirements: Rapidly expanding across jurisdictions, these laws require specific salary range disclosure and can impose significant penalties for non-compliance.

Immigration and Work Authorization: Citizenship requirements are generally illegal unless specifically required by law (like certain government contracts).

Criminal Background Considerations: “Ban the box” laws in many jurisdictions restrict when and how you can ask about criminal history.

The challenge for HR professionals is that hiring managers rarely understand these nuances. Particularly in tech, no one taking classes in college about this, and rarely if ever are things like this taught formally as part of promotion into manager roles. They write job postings focused on finding great candidates without realizing they’re creating documents with compliance implications.

Red Flags in Requirements and Qualifications

Let me walk through specific language that creates compliance risks, often without the hiring manager realizing it. Let’s walk through some common misteps and better alternatives. Remember that the goal here is to write a job posting the clearly articulates the actual requirements of the job, not your own preconceived notions of the people that you think can fulfill them.

Age-Related Red Flags:

  • “Recent college graduate” (suggests age preference)
  • “Young, energetic team” (direct age discrimination)
  • “Digital native” (implies younger workers)
  • “5+ years experience maximum” (could exclude older workers)

Better alternatives: Focus on specific skills or adaptability rather than age proxies. Instead of “digital native,” specify “proficient with cloud-based collaboration tools and social media platforms.”

Gender and Family Status Red Flags:

  • “Strong, assertive candidate” (often coded language for male candidates)
  • “Always reachable / respond immediately.” (could discriminate against caregivers)
  • “Looking for culture fit” (vague language that enables bias)
  • References to “guys” or “brotherhood/sisterhood”

Better alternatives: Describe specific behavioral requirements. Instead of “assertive,” specify “comfortable presenting to C-level executives and advocating for resource allocation.”

Disability and Physical Requirements Red Flags:

  • “Must be able to lift 50 pounds” (when lifting isn’t essential job function)
  • “Excellent vision required” (when reasonable accommodation could address)
  • “Energetic and enthusiastic” (could exclude people with certain disabilities)

Better alternatives: List only actual and essential physical requirements with accommodation language: “This role requires occasional lifting of equipment up to 25 pounds; reasonable accommodations available.”

The Hidden Discrimination in Cultural Language

Cultural descriptions in job postings often contain the most problematic language because they feel innocent to hiring teams. Here’s how to audit cultural language for compliance risks:

Problematic Cultural Descriptors:

  • “Work hard, play hard” (could exclude people with family obligations)
  • “Native English speaker required” (national origin discrimination unless truly necessary)

Compliant Cultural Alternatives: Instead of vague cultural descriptors, describe specific working arrangements and expectations:

  • “Standard work week is 40-45 hours with occasional evening events”
  • “Collaborative environment with regular team meetings and project partnerships”
  • “Fast-paced environment requiring adaptability and strong prioritization skills”

Remember the whole point of the description is to give potential candidates some context on the job they are applying to. They will learn the culture in your process, so focus in the JD on things they can verify in interviews and experience: how is the team organized, how are decisions made, what will their role and experience be?

Educational and Experience Requirements: The Over-Qualification Trap

Educational requirements deserve special scrutiny because they often exclude qualified candidates without business justification. Many requirements that seem reasonable actually create unnecessary barriers.

Don’t add pointless educational requirements. Often there are real reasons to require certain degrees or formal credential, but don’t just add them to requirements for no reason.

Justifiable Education Requirements:

  • Licensed positions requiring specific education (CPA, attorney, engineer)
  • Roles requiring specialized knowledge typically gained through formal education
  • Positions where clients/regulators expect certain credentials

The key test: Can you demonstrate that the educational requirement is genuinely necessary for job performance, or is it a convenient screening mechanism?

Better approach: “Bachelor’s degree in relevant field or equivalent experience in [specific area]. We value diverse educational backgrounds and encourage applications from candidates who have gained expertise through alternative pathways.”

Location and Visa Status: Navigation Complex Requirements

Immigration-related requirements in job postings create frequent compliance issues:

Problematic Immigration Language:

  • “U.S. citizens only” (illegal unless required by law)
  • “No visa sponsorship available” (potentially discriminatory phrasing)
  • “Must be authorized to work in U.S. without employer sponsorship” (better but still problematic)

Compliant Immigration Language: “Must be authorized to work in the United States. [Company name] participates in E-Verify and will provide the federal government with Form I-9 information to confirm that you are authorized to work in the United States.”

For positions that genuinely cannot sponsor visas, focus on the business limitation rather than worker status: “This position is not eligible for visa sponsorship due to [specific business constraints].”

Pay Transparency Compliance: More Complex Than It Appears

Pay transparency laws vary significantly by jurisdiction and are expanding rapidly. Consult with an appropriate expert to see what the rules for you are.

Common Pay Transparency Mistakes:

  • Extremely broad salary ranges ("$50K-$150K") that don’t provide useful information
  • Omitting benefits or equity compensation that significantly affects total package
  • Using different ranges for same role in same location
  • Failing to update ranges when market conditions change

Best Practice Framework: Develop standardized compensation bands tied to job levels and market data. Include total compensation context: “Base salary: $95K-$115K based on experience and interview performance. Total compensation package valued at $120K-$140K including health benefits, 401k matching, and equity grant valued at most recent 409A appraisal.”

Documentation and Risk Management

Every job posting decision should be documented:

Document These Decisions:

  • Why specific requirements were deemed essential
  • How salary ranges were determined
  • Why certain benefits or perks are offered
  • What business justification supports any potentially problematic requirements

Template Language for Common Situations:

Physical requirements: “This role requires [specific physical task]. [Company] will engage in the interactive process to determine if reasonable accommodations can enable performance of essential job functions.”

Travel requirements: “This position requires approximately [X%] travel, including some overnight trips. We’re happy to discuss flexible arrangements that might accommodate personal circumstances.”

Experience requirements: “We’re seeking [X] years of experience in [specific area] or equivalent demonstrated expertise gained through alternative pathways.”

The Business Case for Compliance Excellence

Treating job posting compliance as a checkbox exercise misses the business opportunity. Companies with excellent compliance practices typically see:

Better Candidate Quality: Clear, compliant job postings attract candidates who actually fit the role requirements rather than those confused by vague language.

Reduced Legal Risk: Systematic compliance processes prevent expensive discrimination claims and regulatory violations.

Improved Brand Reputation: Thoughtful, inclusive job postings enhance employer brand and attract diverse talent pools.

Faster Hiring Cycles: When job postings accurately represent requirements and culture, interview processes become more focused and efficient.

Next up in this series: “Competitive Intelligence Through Job Postings: What Your Competitors’ Hiring Plans Reveal About Their Strategy.”

Subscribe to the Newsletter

Get the latest posts and insights delivered straight to your inbox.