Senior Associate, SOC

Schellman

22h•Remote

About The Position

Schellman is a Top 50 CPA firm and a leading provider of attestation and compliance services. Our professional services focus on security and privacy audits, assessments, and certifications. Schellman has become one of the largest cybersecurity assessment firms in the United States without providing any traditional accounting services. We are an accredited multi-framework ISO Certification Body for security, privacy, business continuity, and quality; a globally licensed PCI Qualified Security Assessor and a top provider to clients serving the federal DoD space as a leading FedRAMP 3PAO and the first assessment firm authorized as a CMMC C3PAO. Our specialty and expertise remain in providing best in class Cybersecurity and IT Audits and Attestations. Our culture, approach with clients, and dedication to our values has led us to consistently be a Great Places to Work certified company and rated as a Best Firms to Work For by Accounting Today and a Glassdoor Best Places to Work. We deeply appreciate our employees, as shown by our first core value – People Come First. This is demonstrated in our culture, benefits, and how we handle business. Come see what makes Schellman special! Senior associates are primarily responsible for hands-on project execution. Experienced senior associates have, or are working towards, specialization in one or more service lines and are assigned to projects accordingly. Senior associates are assigned to a specific service delivery principal that is responsible for supervising the associate’s career development. Additionally, senior associate’s daily activities are closely supervised by the management teams of their assigned projects. Senior associates may supervise associates and/or senior associates when serving as a member of a project management team. There is no typical day for our SOC teams. While our lead focus is on SOC examinations, our clients also rely on us to perform multiple types of attestations similar to SOC across a variety of network, application, or cloud environments. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest technologies. Our teams are mostly remote (yet extremely collaborative) and work together to utilize their unique backgrounds and experience to provide the high level of quality service that our clients have come to expect. In addition to the hands-on knowledge you’ll develop with each project, Schellman also promotes a continuous learning environment. Team members are encouraged to attend at least one training event every year to build upon their skills and acquire new certifications.

Requirements

Working knowledge of Schellman’s services, methodology, and relevant professional standards
Requisite knowledge of applicable technology and security domains
High level of attention to detail and quality of work product
Client service oriented
Excellent time management, organizational, and verbal and written communication skills
Ability to work on-site or remotely as a valuable contributor to a collaborative team
Capable of simultaneously managing assigned tasks for multiple projects
Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman’s service delivery applications
Full understanding and application of ethics, independence and Schellman’s values
Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified
2+ years of related professional services experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controls
Ability to work well independently, within a team and with clients
Travel ~40-50% (M-Th)

Nice To Haves

Maintains (preferred) or working towards obtaining least one certification relevant to Schellman's services (i.e. CPA, CCSK or CISA)

Responsibilities

Demonstrate proficiency in Schellman Methodology
Serve as a guide to Associates and peers through information sharing, support, and thought leadership.
Earn Schellman-approved certifications CCSK (minimum requirement for SD, (ISO Lead Auditor, One of the following three – CCSP/CISA (CCSP may be accepted in place of the CISA), CISSP, AWS CCP, etc.), the ISO LA within second year in the role
Successfully run a project from fieldwork through completion including the following: Demonstrate the ability to successfully complete all assigned testing, workpaper documentation, testing exception documentation, draft report creation, and management representation letter preparation
Understand and demonstrate ability to speak to Schellman's service lines at a high level and their leaders
Demonstrate proficiency of SOC 1 ITGCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria
Demonstrate understanding of Principal Service Commitments and System Requirements (PSCRs) and how they impact scope of a SOC 2
Demonstrate the ability to derive PSCRs through client documentation and interviews
Know all four report opinion outcomes and ability to draft modified opinions
Demonstrate the ability to identify if exception(s) would potentially yield a qualified opinion
Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly
Accurately manage and report time worked to each project / initiative
Define a clear communication strategy with the project manager to ensure any testing delays, disclosures, etc. are discussed timely
All Associate level roles and responsibilities
Complying with Schellman’s code of ethics and professional conduct, methodologies, policies, and procedures
Adhering to the professional and regulatory standards relevant to assigned service line specialization(s)
Promoting Schellman’s company culture and exemplifying Schellman's values
Establishing high quality relationships and rapport with client personnel
Managing client expectations to ensure expectations are exceeded
Completing assigned duties in a timely manner and with a high attention to detail
Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project
Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks
Escalating issues internally in a proper and timely manner
Using discretion and decorum in the timing, form, and content of all client communications
Booking travel reservations in a timely manner and in accordance with Schellman's travel and expense policies and procedures
Performing the essential functions of other service delivery positions when qualified and called upon to do so
Attending project kick-off and closing meetings
Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable
Drafting project deliverables
Serving as a contact for clients' basic questions regarding an engagement
Participating in recruiting and candidate interview activities
Training project team members
Acclimating newer team members to Schellman
Contributing to Schellman's practice development efforts
Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s)
Contributing to Schellman's thought leadership (e.g., articles, webinars, public speaking, etc.)