Key skills
PythonGoGCPGoogle CloudLeadershipCloud Security
About this role
itD is a consulting and software development company seeking a Cloud Security Compliance Engineer to lead the design and implementation of automated evidence collection and compliance processes. The role focuses on enhancing security governance and ensuring audit readiness across cloud environments while collaborating with cross-functional teams.
Responsibilities:
- Design, develop, and maintain automated processes and tools to collect and manage evidence required for SOC 2 compliance
- Establish and manage evidence retention policies and procedures to ensure alignment with SOC 2 requirements and audit standards
- Develop and execute structured plans for collecting and organizing compliance evidence related to security controls, policies, and operational procedures
- Collaborate with cross-functional teams to integrate automated evidence collection processes into existing systems and workflows
- Maintain clear documentation of automation processes and produce detailed compliance reports to support audit readiness
- Validate the accuracy and completeness of compliance evidence and work with internal stakeholders to resolve discrepancies or gaps
- Identify opportunities to improve automation, reliability, and scalability of evidence collection and compliance reporting processes
- Attend regular internal practice community meetings
- Collaborate with your itD practice team on industry thought leadership
- Complete client case studies and learning material (blogs, media material)
- Build out material to contribute to the Digital Transformation practice
- Attend internal itD networking events (in person and virtual)
- Work with leadership on career fast-track opportunities
Requirements:
- Experience designing and implementing automated processes for SOC 2 compliance evidence collection
- Experience collecting and managing SOC 2 compliance evidence within a cloud security environment
- Strong understanding of SOC 2 frameworks, security controls, and compliance requirements
- Experience with cloud security and operations in Google Cloud Platform (GCP)
- Strong knowledge of GCP security best practices, controls, and compliance standards
- Experience with scripting or automation tools such as Python or Go
- Bachelor's degree in Computer Science, Information Technology, or a related field required
- Industry security certifications such as CISSP or CISM
- Experience with security automation and compliance tooling
- Familiarity with cloud workload protection and security monitoring platforms
- Experience supporting security audits and compliance assessments
- Master's degree preferred