Key skills
CloudRisk ManagementCommunication
About this role
Role Overview
- Manage and maintain SOC 2 compliance activities, including control documentation, testing schedules, and evidence requirements
- Collect, validate, and organize audit evidence across IT, Security, and Cloud systems
- Track remediation of control gaps, risks, and audit findings, ensuring timely closure and documentation
- Support customer security questionnaires, risk assessments, and due-diligence requests
- Maintain GRC platforms, workflows, and compliance tracking artifacts
- Partner with IT, Security, Engineering, and business teams to ensure ongoing audit readiness
- Assist with internal controls documentation and periodic testing
- Support external audits and internal reviews by coordinating requests and responses
- Develop and maintain compliance documentation, policies, procedures, and runbooks
Requirements
- 3+ years of experience in IT compliance, audit, risk management, or a related discipline
- Working knowledge of SOC 2, SOX, and NIST frameworks
- Experience using GRC tools and managing compliance workflows
- Demonstrated understanding of business analysis and/or systems analysis principles, with the ability to translate requirements into clear, auditable controls and documentation
- Familiarity with ISO 9001 and/or ISO 27001 standards, including their practical application within an organizational environment, is a strong advantage
- Strong documentation skills with attention to detail and accuracy
- Proven ability to coordinate across teams and manage multiple compliance activities simultaneously
- Clear written and verbal communication skills with both technical and non-technical stakeholders
Tech Stack
- Cloud
Benefits
- Health insurance
- Flexible work arrangements
- Professional development opportunities