SOC 2 Process Controller

About the Employer
  • IT
  • San Ramon, California
Annual Salary
INR 600000 - INR 800000

Job Description

Job Role & Responsibilities

  • Manage, maintain, and improve the compliance management of internal controls to meet internal and external compliance SOC 2 and ISO 27001 security requirements.
  • Evaluate the design and test the operating effectiveness of key controls identified and provide control enhancement recommendations as appropriate.
  • Assist with tracking audit exceptions for all audits performed.
  • Contribute to other risk management activities, which may include exception monitoring and tracking, vendor viability assessments, and other special projects as needed.
  • Determines compliance by establishing compliance test standards, conducting and witnessing tests, performing diagnostic procedures, measuring performance, analyzing and evaluating findings, and performing forensic analysis and troubleshooting of failures.
  • Attains compliance by isolating and resolving compliance issues, recommending product and process changes, and initiating engineering change orders.
  • Documents compliance by completing approval applications, recording test results, preparing investigative reports, preparing and filing Declarations of Conformity, and maintaining the compliance database.
  • Maintains engineering team accomplishments by reviewing open issues and action items, coordinating actions, and contributing information and analysis to team meetings and reports.
  • Prepares compliance reports by collecting, analyzing, and summarizing measurement data and trends.
  • Experience with a platform such as Vanta or Drata is preferred.
  • Working knowledge of Google Cloud / AWS is preferred.

Qualification Required

  • Bachelor's degree in a technical discipline or equivalent work experience in IT and/or Security.
  • Any degree in Total Quality Management or Process Management.
  • Any process audit certification, such as ISO / SOC 2, is preferred.

Specific Qualification
Any degree in Quality Control management or similar.

Technical background
Auditing of ISO 27001 / SOC 2 Type 2

Minimum skills we look for

  • Information Security framework implementation (ISFMI)
  • Risk Management framework, Drafting Risk Registers
  • Incident management, Incident tracker
  • Experience in conducting internal and external audits
  • Experience in Service Organization trust service criteria (SOC 1 & 2) is preferred.
  • Excellent writing skills needed to deliver reports detailing findings and associated recommendations for information security programs to help meet the client's security and compliance standards.
  • Bachelor's degree in a technical discipline or equivalent work experience in IT and/or Security.
  • 1 - 3 years of experience in security or risk management, performing security assessments in a client-facing/consulting role.
  • Professionalism, problem-solving, customer-facing and handling skills, time management, written and verbal communication, presentation skills, active listening, flexibility.
  • Ability to think holistically and identify areas of technical and non-technical risk.
  • Knowledge of writing technical reports and presenting to non-technical audiences.
  • Comfortable working in ambiguous and/or undefined situations.
  • Must be available for on-project travel.

Any specific tools you are looking for
Drata or any other security-related tools

Minimum experience: in domain / overall industry
1 - 3 years of experience in security or risk management, performing security assessments in a client-facing/consulting role.

Key Skills

Information Security Management, ISO 27001, Quality Control Management

Location

San Ramon, California, United States