SVVP Compliance and Audit Consultant

About The Position

Requirements

• 10+ years of IT risk management, cybersecurity, and governance experience
• 7+ years of experience leading enterprise risk management initiative
• 7+ years of experience overseeing risk during large-scale infrastructure transformatio
• 7+ years of experience performing third-party/vendor risk over sigh
• 7+ years of experience designing risk mitigation frameworks

Responsibilities

• Acts as the compliance oversight function for SVVP, ensuring traceability, evidence collection, and audit preparation meet regulatory and organizational standards.
• Prepare for audits by ensuring all relevant data and documentation is in place for SOC 2 compliance, focusing on network security, data protection, and privacy.
• Ensure compliance with City-wide, State, and Federal policies and regulatory requirements for all data center migration phases.
• Configure auditing tools to track security control implementation, incidents, and compliance status during migration.
• Ensure tools are set up to generate reports on control maturity, SOC 2 criteria adherence, and risk management.
• Rollout audit activities at critical stages of the migration process, focusing on compliance with security standards and SOC 2 readiness.
• Ensure continuous monitoring of compliance through auditing mechanisms in place during migration.
• Provide reports documenting compliance with SOC 2 readiness and other security standards, highlighting any gaps identified during the migration.
• Develop and deliver post-migration recommendations for maintaining ongoing security and compliance in the new data center environment.