ZipRecruiter

Log In

1

Contract Soc Two Audit Jobs (NOW HIRING)

Right Skale, Inc.

Technical Writer SOC 2

Ensure documentation is audit-ready, consistent, and aligned with SOC 2 Trust Services Criteria ... Contract Duration: 6M Work Setting: Remote (US) Some overlap with Eastern and PST time zones is ...

Momentum

GRC Analyst

Dallas, TX · On-site

Own the internal SOC 2 Type II evidence collection process, keeping controls audit-ready year-round. Manage the audit timeline, day-to-day liaison with the external auditor, and remediation finding ...

Quadient

Senior Manager, SOC and Postal Audits

Boston, MA · On-site

$88K - $108K/yr

We are seeking a Senior Manager of Compliance to lead and manage Quadient's USPS SOC 1 and SOC 2 programs. This role is responsible for audit execution, control design, and ongoing risk assessment ...

Quadient

Senior Manager, SOC and Postal Audits

Boston, MA · On-site +1

$88K - $108K/yr

We are seeking a Senior Manager of Compliance to lead and manage Quadient's USPS SOC 1 and SOC 2 programs. This role is responsible for audit execution, control design, and ongoing risk assessment ...

Quadient

Senior Manager, SOC and Postal Audits

Boston, MA

$88K - $108K/yr

We are seeking a Senior Manager of Compliance to lead and manage Quadient's USPS SOC 1 and SOC 2 programs. This role is responsible for audit execution, control design, and ongoing risk assessment ...

Sightview Software LLC

Security Manager II - GRC

Tampa, FL · On-site

$145K - $160K/yr

... SOC 2 Type II audit readiness and evidence collection end-to-end -- including control mapping, auditor liaising, and remediation tracking. · Own HIPAA Security Rule and Privacy Rule compliance ...

next page

Showing results 1-20

All JobsContract Soc Two Audit Jobs

Contract Soc Two Audit information

See salary details

$63K

$117.7K

$172.5K

How much do contract soc two audit jobs pay per year?

As of Jun 11, 2026, the average yearly pay for contract soc two audit in the United States is $117,671.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,500.00 per year, depending on experience, location, and employer.
More about Contract Soc Two Audit jobs
What cities are hiring for Contract Soc Two Audit jobs? Cities with the most Contract Soc Two Audit job openings:
What states have the most Contract Soc Two Audit jobs? States with the most job openings for Contract Soc Two Audit jobs include:
What job categories do people searching Contract Soc Two Audit jobs look for? The top searched job categories for Contract Soc Two Audit jobs are:
Contract Soc Two Audit jobs near you
Infographic showing various Contract Soc Two Audit job openings in the United States as of June 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $117,671 per year, or $56.6 per hour.
Senior IT Audit & Assurance Analyst

Senior IT Audit & Assurance Analyst

Abrigo

Raleigh, NC • On-site

Full-time

Medical, Retirement, PTO

Posted 14 days ago

Job description

Description
At Abrigo, we provide market-leading compliance, credit risk and lending software solutions that financial institutions use to manage risk and drive growth. Our solutions automate key processes and allow our customers to maintain compliance, fight financial crime, process loans quicker, and leverage data to strengthen their portfolio.
Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team, leading the execution of SOC audit engagements, IT internal audit coordination, IT internal control testing and monitoring, and risk assessment activities for a fast-paced fintech SaaS company serving community financial institutions nationwide.
This position is remote-primary based in Raleigh, NC, with quarterly on-site team engagements (three days each) and periodic on-site visits during external audit fieldwork (up to three weeks annually). This role reports to leadership within the IT Risk & Assurance Team, within an organization that operates under a security-first model under the Chief Information Security Officer.
What You'll Do:
SOC & External Audit Engagement Management:
  • Serve as a primary point of contact for external audit firms conducting enterprise SOC 1 and SOC 2 audit engagements, managing the engagement lifecycle from annual renewal and kickoff through final report issuance
  • Manage ad-hoc SOC 1 and SOC 2 audit engagements for newly acquired products not yet in scope of the enterprise SOC reports
  • Coordinate document requests, evidence collection timelines, and walkthrough scheduling with internal control owners across the organization
  • Evaluate audit artifacts for completeness and accuracy before submission to external auditors
  • Communicate preliminary audit findings to management and assist in drafting management responses

IT Internal Audit Coordination:
  • Serve as the primary liaison with the external IT internal audit firm, managing document requests, walkthrough scheduling, and audit status reporting for audits aligned with FFIEC IT Handbook standards
  • Perform walkthroughs with product teams and internal control owners to assess the IT internal control environment and recommend IT internal controls based on SOC and IT internal audit requirements
  • Proactively identify control gaps and recommend remediation strategies to control owners

Risk Finding Management & Control Monitoring:
  • Own the full lifecycle of the IT risk finding register, from opening findings through remediation closure, including escalation of overdue findings to management
  • Document and process risk acceptance based on control owner feedback
  • Perform ongoing monitoring of specific IT internal controls to ensure SOC and IT internal audit readiness throughout the year
  • Perform periodic IT internal control testing to validate control design and operating effectiveness
  • Conduct periodic risk finding reviews to verify findings were closed appropriately with supporting remediation evidence

Risk Assessments & Policy Coordination:
  • Lead annual updates to IT risk assessments, including the FFIEC Cybersecurity Assessment Tool (CAT), NIST CSF control mappings, and CIS Controls risk assessments
  • Lead the annual business impact analysis update, evaluating likelihood and impact of potential disruptions to the technology environment
  • Coordinate the annual policy update cycle with policy owners, including documenting changes, presenting to the IT Steering Committee, and coordinating management and Board approval
  • Perform additional IT risk and assurance duties as assigned to support the team's evolving needs

What You'll Need:
  • Bachelor's degree in Information Systems, Accounting, Computer Science, or related discipline; equivalent professional experience may be substituted in lieu of a degree
  • 3-6 years of experience in IT audit, IT risk, or IT compliance, such as advisory services at a CPA or consulting firm, IT internal audit at a financial institution, or GRC at a technology company
  • Hands-on experience managing or significantly contributing to SOC 1/SOC 2 audit engagements, including evidence collection and walkthrough coordination
  • Working knowledge of IT general controls and their application to SOC trust services criteria and/or FFIEC IT Handbook examination standards
  • Demonstrated experience performing IT internal control testing and evaluating control effectiveness
  • Experience maintaining risk finding registers and managing risk remediation lifecycles
  • Familiarity with IT risk assessment frameworks such as FFIEC CAT, NIST CSF, or CIS Controls
  • Strong written and verbal communication skills with the ability to interact effectively with external auditors, internal control owners, and management
  • Strong organizational skills and the ability to independently manage multiple audit and assurance workstreams in a remote-first environment
  • Must be available for quarterly on-site team engagements in Raleigh, NC and periodic on-site visits during external audit fieldwork

Preferred:
  • CISA (Certified Information Systems Auditor) or CRISC (Certified in Risk and Information Systems Control)
  • Experience in the financial services, banking, or fintech industry
  • Experience with FFIEC regulatory examinations or bank/credit union technology audit programs
  • Experience with SaaS/cloud environments (AWS, Azure) and understanding of shared responsibility models
  • Experience coordinating with outsourced or co-sourced internal audit functions

What You'll Get:
  • Market competitive total rewards package
  • To be part of the Heart & SOUL of a winning company with an inspiring mission
  • The opportunity to Make Big Things Happen
  • Competitive salary along with full health benefits with an HSA option
  • Flexible PTO and bank holidays
  • 401(k) plan and company match

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, age, genetic trait, sexual orientation, national origin, disability status, or any other characteristic protected by law. Abrigo is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at [email protected] with the subject line accommodation.

Apply