Jobs · Consulting

Senior Consultant - SOC 2 & ISO 27001 Services

RISCPoint · United States · 2 days ago
RemoteRemoteConsultingFull-time

Key Responsibilities

  • Lead SOC 2 audit engagements utilizing GRC and compliance automation platforms such as Vanta and Drata to streamline evidence collection, control monitoring, and audit coordination activities.
  • Configure, review, and manage compliance workflows within GRC platforms, including control mapping, evidence review, personnel task tracking, and auditor request coordination.
  • Work directly with clients and external auditors to facilitate efficient SOC 2 audit execution through automated evidence collection processes and platform-based collaboration.
  • Lead and support cybersecurity compliance and assurance engagements across frameworks including SOC 1, SOC 2, ISO 27001, HITRUST, HIPAA, and related regulatory or industry standards.
  • Facilitate client workshops, interviews, and discovery sessions with technical and business stakeholders to gather information regarding security controls, policies, procedures, and operational practices.
  • Perform gap assessments, readiness assessments, and control evaluations against applicable framework requirements and industry leading practices.
  • Develop, review, and maintain security and compliance documentation including policies, procedures, risk assessments, system descriptions, control narratives, and related supporting artifacts.
  • Provide practical and risk-based remediation guidance to clients to address identified control gaps, deficiencies, and process improvement opportunities.
  • Cook directly with client stakeholders to manage project timelines, track open items, communicate status updates, and ensure successful engagement execution.
  • Support audit and assessment activities by assisting clients with evidence collection, walkthrough preparation, auditor coordination, and response management.
  • Review client environments and processes to identify compliance risks, operational inefficiencies, and opportunities to improve security posture and program maturity.
  • Contribute to the development and enhancement of internal methodologies, templates, accelerators, and service delivery processes.
  • Mentor and support junior consultants by providing guidance, knowledge sharing, and quality review of project work products.
  • Participate in client presentations and executive discussions by delivering clear, professional, and business-focused communication regarding compliance and security matters.
  • Maintain current knowledge of cybersecurity, compliance, privacy, and assurance trends, standards, and emerging regulatory requirements.

Qualifications

  • Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field or combination of relevant education and equivalent work experience.
  • 3–4 years of experience supporting or leading cybersecurity compliance, risk, or assurance engagements within a consulting, audit, or advisory environment.
  • Hands-on experience supporting SOC 1 and SOC 2 assessments, including readiness activities, evidence collection, control testing support, and auditor coordination.
  • Experience working with security and compliance frameworks such as SOC 1, SOC 2, ISO 27001, HITRUST, HIPAA, NIST CSF, or related industry standards.
  • Experience utilizing GRC and compliance automation platforms such as Vanta and Drata in support of SOC 2 audits and ongoing compliance operations.
  • Ability to facilitate client meetings, workshops, and discovery sessions with both technical and non-technical stakeholders.
  • Experience developing and maintaining security and compliance documentation including policies, procedures, risk assessments, control narratives, and supporting evidence artifacts.
  • Strong understanding of information security concepts including access management, logging and monitoring, vulnerability management, change management, vendor risk management, and incident response.
  • Experience coordinating project tasks, managing timelines, tracking deliverables, and communicating status updates within a client-facing consulting environment.
  • Strong written and verbal communication skills with the ability to present complex compliance and security concepts in a professional and business-friendly manner.
  • Ability to independently manage multiple engagements and priorities in a fast-paced consulting environment while maintaining attention to detail and quality.
  • Experience working within cloud-based environments such as AWS, Azure, or Google Cloud Platform is preferred.

Compensation & Benefits

  • Generous Salary + Bonus
  • Company Paid Health Insurance
  • Company Paid Dental Insurance
  • Company Paid Vision Insurance
  • Company Paid Life Insurance
  • 401k with 3% Company Contribution (Traditional & Roth Options)
  • Generous Vacation Policy
  • Annual Company Retreat

Similar jobs

Senior Consultant-2

CrederaAddison, TX· 3 days ago
Consulting$95k–$135k/yrapply on interpublic.wd5.myworkdayjobs.com