Senior GRC Analyst , SOC 2

Sensiba

1d•Hybrid

About The Position

The Senior GRC Analyst I – SOC 2 will serve as a technical leader and subject matter expert focused on SOC 2 readiness and examination audits, with deep specialization in SOC 2 automation platforms (e.g., Drata, Vanta, Secureframe, etc.). This role is responsible for ensuring client satisfaction and efficient execution of engagement plans, while being the coach and advisor to team members. The Senior Analyst I combines strong technical knowledge of SOC 2, ITGCs, and cloud environments with hands-on expertise configuring and managing SOC 2 compliance platforms to streamline evidence collection, continuous monitoring, and audit execution. The Senior Analyst will build robust client relationships grounded in a deep understanding of their operations, challenges, and compliance needs. The role is pivotal in delivering top-notch services, centering on clients' business, IT, and security risk management. Only candidates in Australia will be considered at this time.

Requirements

3+ years of experience in SOC 2, IT audit, or GRC, preferably within public accounting or consulting.
Demonstrated experience leading SOC 2 Type I and Type II engagements.
Hands-on experience administering or auditing within SOC 2 automation platforms (e.g., Drata, Vanta, Secureframe, or similar).
Deep understanding of: AICPA Trust Services Criteria
IT General Controls (ITGCs)
Cloud environments (AWS, Azure, GCP)
SaaS operational environments
Experience reviewing automated evidence and continuous monitoring outputs.
Strong client advisory and presentation skills, including executive-level communication.
Ability to manage multiple engagements in fast-paced, high-growth environments.

Nice To Haves

Experience working with venture-backed or high-growth SaaS companies.
Familiarity with adjacent frameworks (ISO 27001, NIST CSF).
Professional certifications such as CISA, CISSP, CISM, or CRISC.
Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field; advanced degree a plus.

Responsibilities

Knowledge of relevant regulations and industry standards (e.g., SSAE 18/SOC, HIPAA, ISO-27001, COSO, HITRUST, etc.) and best practices and methodologies to address these requirements.
Fundamental understanding of audit principles such as risk assessment, materiality, independence and sufficiency of evidence
Ability to apply these requirements to organizational internal control frameworks
Understanding of technical concepts such as cyber security, virtualization, data center, cloud computing, and the like
Ability to interpret/relay technical information to all levels of technical aptitude, including senior management. This includes written and oral communications
Documentation skills are a must. Ability to articulate, write and present information in a clear and understandable manner and to meet the re-performance standard required for supporting our audit work
Strong time management, project management and organizational skills with the ability to manage multiple priorities successfully within a deadline-driven environment

Benefits

Retirement & Financial Planning Support – 401(k) with match, financial wellness programs.
Generous Paid Time Off – Vacation, sick time, holidays, parental leave and volunteer days.
Flexible Work Arrangements – Hybrid or remote options, flexible hours.
Performance-Based Bonus – Recognition for your contributions through discretionary bonuses.
Professional Development Opportunities – Tuition reimbursement, certifications, mentorship.
Career Growth & Internal Mobility – Clear paths for advancement and role transitions.
Inclusive & Supportive Culture – DEI initiatives, employee resource groups, wellness programs.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume