SOC 2 Associate Director (CPA) - US

About The Position

Requirements

• Bachelor's degree in accounting, Information Systems, Cybersecurity, or related field.
• Seven to ten years of experience in audit, assurance, cybersecurity compliance, or risk and compliance services.
• Significant experience performing or leading SOC 1 and SOC 2 examinations.
• Strong knowledge of AICPA attestation standards and SOC reporting frameworks.
• Experience managing client engagements and supervising engagement teams.
• Strong written and verbal communication skills suitable for executive and technical audiences.

Nice To Haves

• CPA license (active or eligible)
• Additional certifications such as CISA, CISSP, CISM, or CRISC
• Experience working in public accounting, consulting, or specialized assurance firms
• Familiarity with security and compliance frameworks including:
• ISO 27001
• HITRUST
• PCI DSS
• NIST Cybersecurity Framework
• Experience working with SaaS, cloud service providers, or technology companies

Responsibilities

• Lead and oversee SOC 1 and SOC 2 examination engagements, including planning, execution, and report delivery.
• Manage multiple concurrent engagements while ensuring adherence to AICPA attestation standards, including SSAE 18 AT C 205 and AT C 320.
• Develop engagement plans, timelines, and resource allocations.
• Ensure timely delivery of high-quality SOC reports and supporting documentation.
• Serve as the primary engagement leader responsible for engagement execution, quality, and client coordination.
• Provide subject matter expertise on SOC reporting requirements, including SOC 1 Internal Controls over Financial Reporting SOC 2 Trust Services Criteria, including Security, Availability, Processing Integrity, Confidentiality, and Privacy Internal control frameworks and IT control environments.
• Review control testing procedures, workpapers, and supporting evidence to ensure compliance with AICPA standards and firm methodology.
• Evaluate the design and operating effectiveness of controls within complex technology and service environments.
• Ensure engagement documentation meets firm quality standards and regulatory expectations.
• Serve as the primary point of contact for clients during SOC examination engagements.
• Lead engagement kickoff meetings, walkthroughs, and scoping discussions.
• Communicate engagement status, testing results, and report findings to client leadership.
• Respond to client inquiries regarding SOC reporting requirements and examination procedures.
• Coordinate information requests and ensure efficient communication throughout the engagement lifecycle.
• Review SOC reports, management assertions, and testing documentation before issuance.
• Ensure engagement deliverables comply with AICPA reporting requirements and firm quality control policies.
• Support internal peer reviews, quality assurance reviews, and regulatory inspections.
• Identify and address technical or compliance issues during engagements.
• Support business development initiatives, including proposal development and client presentations.
• Assist with scoping discussions for prospective SOC engagements.
• Contribute to the development and enhancement of SOC methodologies, templates, and engagement tools.
• Support the continued growth of the firm’s SOC practice.
• Manage and mentor Managers, Seniors, and Associates across SOC engagements.
• Provide coaching and technical training related to SOC reporting, internal controls, and attestation standards.
• Review staff work and provide feedback to support professional development.
• Assist with recruiting, onboarding, and training of new team members.

Benefits

• Flexible Paid Time Off and paid holidays
• Performance Bonuses
• 100% Remote