SOC Compliance Analyst

About The Position

Requirements

• Professional experience in information security auditing with a focus on SOC 1 & 2 standards
• Detailed knowledge of ISO 27001 standard, ISO Certification Process Audits, and SOC 1 and 2 standards
• Experience with AWS and Google Workspace
• Strong analytical problem-solving skills and attention to detail
• Excellent verbal and written communication skills, as well as strong partnership skills
• Experience with cybersecurity and auditing, preferably with 3-5 years of experience
• Degree in Computer Science, Computer Engineering, IT, or similar field, or 3+ years of IT security or cybersecurity related work experience

Responsibilities

• Manage and enforce Apkudo's SOC 1 & 2 Controls, ensuring that all security practices are compliant with industry standards
• Be the main point of contact and liaison with external SOC auditors, facilitating effective communication and resolution of audit findings
• Perform regular internal audits for SOC and ISO controls, identifying areas for improvement and ensuring that corrective actions are implemented
• Lead the Compliance member of our Information Security Council, driving security awareness and training for key security focuses throughout the organization
• Monitor and resolve alerts and alarms in critical systems, ensuring that potential security threats are identified and mitigated promptly
• Manage security event responses and investigations, providing timely and effective resolution to security incidents
• Coordinate regular penetration testing and drive improvement actions, ensuring that Apkudo's security posture is maintained and improved
• Be the company administrator for password and phishing management systems, ensuring that security policies and procedures are up-to-date and compliant
• Review and update security-related policies and procedures to ensure alignment with industry standards and best practices
• Drive awareness and training of key security focuses throughout the organization, ensuring that all employees are equipped to maintain a high level of security awareness
• Assist and support company stakeholders with questions regarding information security, providing timely and effective guidance and support
• Stay up-to-date with the latest information security management trends and best practices, applying this knowledge to drive security improvements within Apkudo
• Work with Legal to identify and ensure compliance with cryptographic and data encryption regulations
• Participate in ad-hoc projects related to improving Apkudo's security posture, applying a collaborative and flexible approach to drive security improvements