SOC 2 Audit Consultant Responsibilities:
- Lead the preparation for SOC 2 audit, developing a detailed roadmap for the entire process, including timelines, tasks, resources, and responsibilities
- Conduct a comprehensive internal assessment of the company’s current processes, controls, and security posture to identify gaps and ensure readiness for the audit
- Ensure all necessary documentation is in place, including policies, procedures, risk assessments, and system descriptions. Oversee the creation of the required evidence and artifacts for SOC 2 compliance
- Work closely with IT, Security, Legal, Compliance, and other relevant departments to ensure alignment and adherence to SOC 2 requirements. Drive internal communication and ensure teams understand and follow best practices
- Manage the entire SOC 2 audit process, working with the external audit firm. Ensure that all necessary control tests are completed and facilitate any communication between the auditors and company teams
- Identify any control weaknesses or non-compliance issues and develop actionable remediation plans. Oversee the resolution of identified issues to ensure the company meets all SOC 2 criteria before the audit concludes
- Ensure that the final SOC 2 audit report accurately reflects the company’s compliance status and the audit process. Provide clear, actionable insights to senior management based on audit findings
- After the audit, assist in developing strategies for maintaining SOC 2 compliance long term, including continuous monitoring and improvement processes
SOC 2 Audit Consultant Requirements:
- 5+ years of experience managing SOC 2 audits, including having overseen the process multiple times at large companies
- Expertise in SOC 2 requirements, frameworks, and best practices, including Trust Services Criteria (TSC) related to security, availability, confidentiality, processing integrity, and privacy
- Proven ability to lead complex, cross-functional projects from start to finish, managing timelines, resources, and deliverables effectively
- Strong written and verbal communication skills. Able to articulate technical and regulatory issues to both technical and non-technical stakeholders
- Ability to identify gaps in controls or processes, recommend solutions, and work with teams to implement necessary improvements
- Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or other relevant certifications
- Familiarity with SOC 2 audit tools, compliance management platforms, and relevant IT security frameworks
Thank you,
Josh Novekoff
Recruiting Lead
LaSalle Network
LaSalle Network is an Equal Opportunity Employer m/f/d/v.
LaSalle Network is the leading provider of direct hire and temporary staffing services. For over two decades, LaSalle has helped organizations hire faster and connect top talent with opportunities, from entry-level positions to the C-suite. With units specializing in Accounting and Finance, Administrative, Marketing, Technology, Supply chain, Healthcare Revenue Cycle, Call Center, Human Resources and Executive Search. LaSalle offers staffing and recruiting solutions to companies of all sizes and across all industries.
LaSalle Network is the premier staffing and recruiting firm, earning over 100 culture, revenue and industry-based awards from major publications and having its company experts regularly contribute insights on retention strategies, hiring trends and hiring challenges, and more to national news outlets. LaSalle Network offers temporary Field Employees benefit plans including medical, dental and vision coverage. Family Medical Leave, Worker's compensation, Paid Leave and Sick Leave are also provided. View a full list of our benefits here
