SOC 2 Consultant

Job not on LinkedIn

November 13

Apply Now

Receive Emails with Similar Jobs

The Juno Group, Inc

WebsiteLinkedInAll Job Openings

Recruitment • HR Tech • B2B

The Juno Group, Inc. is a recruitment and staffing agency with over 10 years of experience in the industry. They specialize in helping candidates find jobs that match their unique skill sets while assisting companies in identifying and hiring qualified personnel. The Juno Group offers various services, including permanent staffing, contractual staffing, and payroll management, catering to a wide range of sectors such as technology, finance, engineering, healthcare, and more.

11 - 50 employees

Founded 2007

🎯 Recruiter

👥 HR Tech

🤝 B2B

📋 Description

• Lead SOC 2 Type II readiness engagements using AICPA SOC for Service Organizations guidance • Conduct gap assessments, control maturity reviews, and remediation planning aligned with the Trust Services Criteria • Design, review, and enhance controls based on the COSO Internal Control Integrated Framework • Develop or refine security policies, procedures, and governance documentation • Prepare and validate audit evidence based on AICPA audit evidence standards • Configure and optimize Drata for automated evidence collection, control mapping, and audit readiness • Align technical and operational controls with secure architecture frameworks • Guide clients through risk assessments, vendor oversight, incident response planning, and logging and monitoring practices

🎯 Requirements

• 5+ years of experience in IT Services • Expertise in AICPA Trust Services Criteria and SOC 2 Type II readiness • Strong understanding of control design and evaluation aligned to COSO • Proficiency with Drata, including setup, control mapping, workflows, and evidence automation • Experience with cloud security principles across AWS, Azure, or Google Cloud • Ability to create policies, procedures, and governance documentation • Strong skills in risk assessment, access control reviews, logging, monitoring, change management, and incident response • Proficiency in vendor risk management practices, including SIG or SCA formats • Excellent communication skills and experience advising executives and technical teams • Must hold at least one of the following certifications: CISA, CISSP, CCSP, ISO 27001 Lead Implementer or Lead Auditor • Nice to have certifications: CISM, CRISC, CompTIA Security+, GIAC GSEC

🏖️ Benefits

• Remote work • Professional development opportunities