Job Summary:
Client is looking for SOC Auditor and this is remote position from India.
Responsibilities:
- Demonstrate proficiency in Schellman Methodology
- Guide associates and peers
- Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.)
- Successfully run a project from fieldwork through completion
- Understand and demonstrate ability to speak to Schellman's service lines at a high level and their leaders
- Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria
- Demonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2
- Know all four report opinion outcomes and ability to draft modified opinions
- Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion
- Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly
- Schellman Methodology
- Read STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.)
- Review and demonstrate ability to apply concepts of AS 2.0 Reference Guide
- Review and demonstrate ability to apply concepts of EWP WP Guidance
- Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP)
- Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2
- Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc.
- Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories
- Ability to articulate qualified vs unqualified opinion; know all four types of opinions
- Learn Schellman's services and service line leaders
- Adhere to and complete all matters included in the Associate Score Card
- Accurately manage and report time worked to each project / initiative
Knowledge Skills and Abilities:
- Working knowledge of Schellman's services, methodology, and relevant professional standards
- Requisite knowledge of applicable technology and security domains
- High level of attention to detail and quality of work product
- Client service oriented
- Excellent time management, organizational, and verbal and written communication skills
- Ability to work on-site or remotely as a valuable contributor to a collaborative team
- Capable of simultaneously managing assigned tasks for multiple projects
- Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman's service delivery applications
- Full understanding and application of ethics, independence, and Schellman's values
Experience:
- Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified
- Strong experience with PCI
- Experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controls
- Ability to work well independently, within a team and with clients as well as travel 40-50% (M-Th)
- Maintains (preferred) or working towards obtaining least one certification relevant to Schellman's services (i.e., CPA, CCSK or CISA)
- Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman's service delivery applications
- Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP)
- Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2
- Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc.
- Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.)
- Successfully run a project from fieldwork through completion
- Understand and demonstrate ability to speak to Schellman's service lines at a high level and their leaders
- Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria
