FYI For Your Information Inc1 day ago

SOC 2 Type 2 Five-TSC SaaS / Cloud Compliance Lead

FYI For Your Information Inc

Hybrid · Silver Spring, Maryland, United States

Silver Spring, Maryland, United StatesHybridFull TimeSenior LevelNot SpecifiedUnknown

Type

Full Time

Level

Senior Level

Education

Not Specified

Company size

Unknown

Job Summary

SOC 2 Type 2 Five-TSC SaaS / Cloud Compliance Lead to own the SOC 2 domain in a fractional capacity, supporting audit readiness, evidence review, auditor communications, recurring compliance cadence, and SaaS/cloud control maturity. You will coordinate with engineering, IT, security, HR, operations, leadership, and auditors; review evidence for control design and operating effectiveness across all five Trust Services Criteria; draft auditor responses and control narratives; manage access reviews, vendor risk management, risk assessments, policy review, security awareness, incident response, change management, and related controls; maintain the recurring compliance calendar and produce concise status updates for stakeholders. Nice-to-have certifications (e.g., CISA, CISSP, CISM, Security+, CPA, ISO 27001 Lead Auditor) and experience with Drata, Vanta, SecureFrame, Hyperproof, Jira, Confluence, and cloud platforms (AWS, Azure, GCP) are noted.

Required Qualifications

8+ years of cybersecurity, GRC, IT audit, compliance, SaaS security, cloud security, security consulting, or related experience
GRC platform experience (Drata preferred, others include Vanta or SecureFrame)
Direct hands-on experience supporting SOC 2 Type 2 audits
Experience with SaaS or cloud-hosted application environments
Experience reviewing evidence for control design and operating effectiveness
Ability to translate audit requirements into operational tasks for engineering, IT, security, HR, legal, operations, and leadership stakeholders
Strong written communication skills and ability to produce auditor-ready explanations
Ability to drive control owners and follow-ups without constant prompting
Ability to work through ambiguity and produce clean, organized, audit-ready documentation

Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.

Hiring someone like this?

Get your role in front of qualified candidates on Sorce.

Get started