SOC Auditor

4 weeks ago

Vijayawada, Andhra Pradesh, India Vista Applied Solutions Group Inc Full time

Job Summary:

Client is looking for SOC Auditor and this is remote position from India.

Responsibilities:

  • Complying with Schellman's code of ethics and professional conduct, methodologies, policies, and procedures
  • Adhering to the professional and regulatory standards relevant to assigned service line specialization(s)
  • Promoting Schellman's company culture and exemplifying Schellman's values
  • Establishing high quality relationships and rapport with client personnel
  • Managing client expectations to ensure expectations are exceeded
  • Completing assigned duties in a timely manner and with a high attention to detail
  • Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project
  • Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks
  • Escalating issues internally in a proper and timely manner
  • Using discretion and decorum in the timing, form, and content of all client communications
  • Booking travel reservations in a timely manner and in accordance with Schellman's travel and expense policies and procedures
  • Performing the essential functions of other service delivery positions when qualified and called upon to do so
  • Attending project kick-off and closing meetings
  • Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable
  • Drafting project deliverables
  • Serving as a contact for clients' basic questions regarding an engagement
  • Participating in recruiting and candidate interview activities
  • Training project team members
  • Acclimating newer team members to Schellman
  • Contributing to Schellman's practice development efforts
  • Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s)
  • Contributing to Schellman's thought leadership (e.g., articles, webinars, public speaking, etc.)

Knowledge Skills and Abilities:

  • Working knowledge of Schellman's services, methodology, and relevant professional standards
  • Requisite knowledge of applicable technology and security domains
  • High level of attention to detail and quality of work product
  • Client service oriented
  • Excellent time management, organizational, and verbal and written communication skills
  • Ability to work on-site or remotely as a valuable contributor to a collaborative team
  • Capable of simultaneously managing assigned tasks for multiple projects
  • Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman's service delivery applications
  • Full understanding and application of ethics, independence, and Schellman's values

Experience:

  • Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified
  • 2+ years of related professional services experience in information security auditing, assessment, consulting, or compliance, focused on ITGC or SOC controls
  • Ability to work well independently, within a team and with clients as well as travel ~40-50% (M-Th)
  • Maintains (preferred) or working towards obtaining least one certification relevant to Schellman's services (i.e., CPA, CCSK or CISA)
  • Demonstrate proficiency in Schellman Methodology
  • Guide associates and peers
  • Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.)
  • Successfully run a project from fieldwork through completion
  • Understand and demonstrate ability to speak to Schellman's service lines at a high level and their leaders
  • Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria
  • Demonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2
  • Know all four report opinion outcomes and ability to draft modified opinions
  • Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion
  • Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly
  • Schellman Methodology
  • Read STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.)
  • Review and demonstrate ability to apply concepts of AS 2.0 Reference Guide
  • Review and demonstrate ability to apply concepts of "EWP WP Guidance"
  • Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP)
  • Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2
  • Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc.
  • Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories
  • Ability to articulate qualified vs unqualified opinion; know all four types of opinions
  • Learn Schellman's services and service line leaders