Consultant SOC Audit & Risk Advisory

Overview

Remote
Depends on Experience
Contract - Independent
Contract - 6 Month(s)

Skills

CISA
CISM
IT Audit
SAP GRC
Risk Assessment
ITGC

Job Details

Job Title: Consultant SOC Audit & Risk Advisory

Location: Remote

Duration: 6 Months with possible extension

Role Overview:

We are seeking a seasoned professional with deep expertise in SOC (System and Organization Controls) audits, particularly SOC 1 and SOC 2 Type II, to join our consulting practice. This role will be instrumental in leading and delivering security risk assessments, audit readiness, and compliance engagements across diverse client environments.

Key Responsibilities:

Lead and execute SOC 1 and SOC 2 audit engagements, including readiness assessments and remediation planning.
Conduct internal security assessments and risk evaluations aligned with frameworks such as ISO 27001, NIST 800-53, and PCI DSS.
Develop, maintain, and audit security documentation including policies, standards, and procedures.
Collaborate with cross-functional teams to ensure effective implementation of security controls and audit requirements.
Provide advisory support on governance, risk, and compliance (GRC) initiatives, including IT and emerging technologies (e.g., AI, IoT, Blockchain).
Serve as a subject matter expert (SME) for SOC-related client queries and audit walkthroughs.
Support pre-sales activities by contributing to proposals, presentations, and client pitches.

Required Skills & Experience:

7+ years of experience in IT audit, risk advisory, or cybersecurity consulting.
Proven track record in delivering SOC 1 and SOC 2 Type II audits.
Strong understanding of security technologies (SIEM, SOAR, EDR, NDR) and regulatory frameworks.
Experience with security operations centers (SOC), including log management and incident response.
Excellent communication, report writing, and stakeholder management skills.
Ability to work independently and manage multiple engagements simultaneously.

Preferred Qualifications:

CISA, CISM, or equivalent certifications.
Master's degree in Computer Applications, Information Security, or related field.
Experience working with MSSP platforms such as Sentinel, QRadar, ArcSight, Splunk, or Chronicle.
