1

Soc 1 Jobs (NOW HIRING)

Build and manage an opportunity pipeline across SOC (1/2/3), readiness, ISO 27001 ISMS implementation/assessments, ISO 42001 (AI Management System) readiness/certification guidance, and security ...

Build and manage an opportunity pipeline across SOC (1/2/3), readiness, ISO 27001 ISMS implementation/assessments, ISO 42001 (AI Management System) readiness/certification guidance, and security ...

Build and manage an opportunity pipeline across SOC (1/2/3), readiness, ISO 27001 ISMS implementation/assessments, ISO 42001 (AI Management System) readiness/certification guidance, and security ...

Build and manage an opportunity pipeline across SOC (1/2/3), readiness, ISO 27001 ISMS implementation/assessments, ISO 42001 (AI Management System) readiness/certification guidance, and security ...

GRC Program Manager

$95K - $135K/yr

You'll own the full spectrum of Astra's audit execution: driving SOC 1, SOC 2, PCI DSS, and ISO 27001 programs end-to-end, translating regulatory requirements into practical technical controls ...

Sr. GRC Analyst

$136K - $169K/yr

In this position, you will blend standard GRC practices (PCI DSS, NIST, SOC 1/2) with a technical mindset, leveraging GRC platforms, scripting and AI tools to automate manual compliance workflows ...

Ensure readiness for SOC 1, SOC 2, ISO 27001, and customer audits * Maintain integrity of security documentation and access logs * Identify gaps and implement improvements to strengthen security ...

A recognized security certification (CISSP preferred) Experience managing a security vendor or MSSP relationship Audit program ownership experience (SOC 2, SOC 1, or ISO) Strong executive ...

Sr. GRC Analyst

Charleston, WV · Remote

$136K - $169K/yr

In this position, you will blend standard GRC practices (PCI DSS, NIST, SOC 1/2) with a technical mindset, leveraging GRC platforms, scripting and AI tools to automate manual compliance workflows ...

Lead the ISO 27001:2022 surveillance and recertification cycles, and SOC 1 and SOC 2 Type 2 audits, end-to-end * Plan and execute Rokt's internal audit program (user access, exemptions, DPIAs, SCF ...

A recognized security certification (CISSP preferred) Experience managing a security vendor or MSSP relationship Audit program ownership experience (SOC 2, SOC 1, or ISO) Strong executive ...

Ensure readiness for SOC 1, SOC 2, ISO 27001, and customer audits * Maintain integrity of security documentation and access logs * Identify gaps and implement improvements to strengthen security ...

Ensure readiness for SOC 1, SOC 2, ISO 27001, and customer audits * Maintain integrity of security documentation and access logs * Identify gaps and implement improvements to strengthen security ...

Lead the ISO 27001:2022 surveillance and recertification cycles, and SOC 1 and SOC 2 Type 2 audits, end-to-end * Plan and execute Rokt's internal audit program (user access, exemptions, DPIAs, SCF ...

Lead the ISO 27001:2022 surveillance and recertification cycles, and SOC 1 and SOC 2 Type 2 audits, end-to-end * Plan and execute Rokt's internal audit program (user access, exemptions, DPIAs, SCF ...

Advisory Senior Associate

Charlotte, NC · On-site

$79K - $97K/yr

Lead day-to-day execution of advisory engagements, including SOC 1/SOC 2 examinations, IT internal audits, IT risk assessments, and information security reviews. * Perform detailed testing and ...

next page

Showing results 1-20

Soc 1 information

See salary details

$10

$48

$84

How much do soc 1 jobs pay per hour?

As of Jul 14, 2026, the average hourly pay for soc 1 in the United States is $48.53, according to ZipRecruiter salary data. Most workers in this role earn between $27.40 and $75.24 per hour, depending on experience, location, and employer.

What is a Soc 1 job?

A SOC 1 job typically refers to a role in a Security Operations Center (SOC), where analysts monitor, detect, and respond to cybersecurity threats. SOC analysts analyze security alerts, investigate incidents, and help protect an organization's IT infrastructure from attacks. They use various security tools, review logs, and apply threat intelligence to mitigate risks. This job requires strong analytical skills, knowledge of security practices, and the ability to respond quickly to cyber threats.

What are the key skills and qualifications needed to thrive in the Soc 1 position, and why are they important?

To excel as a SOC 1 (Security Operations Center Level 1 Analyst), a solid understanding of cybersecurity fundamentals, incident detection, and response processes is essential, often supported by certifications like CompTIA Security+ or related technical training. Familiarity with security information and event management (SIEM) tools, ticketing systems, and network monitoring platforms is typically required. Strong attention to detail, analytical thinking, and clear communication skills help SOC 1 analysts quickly identify and escalate security incidents. These abilities are critical for maintaining organizational cybersecurity and ensuring swift, effective responses to potential threats.

What is L1 L2 and L3 in SOC?

In the context of SOC (Security Operations Center) roles, L1, L2, and L3 refer to different levels of security analysts. L1 analysts handle initial threat detection and basic troubleshooting, L2 analysts perform more in-depth analysis and incident response, and L3 analysts are senior experts responsible for complex investigations and threat mitigation. These levels help define the hierarchy and responsibilities within a security team.

Can you make $500,000 a year in cyber security?

Soc 1 professionals typically do not earn $500,000 annually; such high salaries are usually associated with senior roles like cybersecurity executives or consultants with extensive experience, certifications, and specialized skills. Most cybersecurity roles offer salaries ranging from $70,000 to $150,000, with higher earnings possible in management or consulting positions in large organizations.

Is SOC 1 entry level?

SOC 1 roles are typically not entry-level; they often require some experience in auditing, accounting, or IT controls. Entry-level positions in this area may be labeled as SOC 1 associate or analyst, but advanced knowledge of compliance standards like SSAE 18 is usually expected for full SOC 1 roles.

What is the average salary for a SOC Level 1?

The average salary for a SOC Level 1 analyst typically ranges from $45,000 to $65,000 annually, depending on location, experience, and employer. Entry-level positions often require basic knowledge of security tools and monitoring procedures, with opportunities for advancement as skills develop.

What can I expect from a typical shift as a SOC 1 Analyst?

As a SOC 1 Analyst, your typical shift will involve monitoring security alerts, analyzing suspicious events, and escalating incidents according to established protocols. You’ll work closely with other SOC team members, often in a collaborative environment that may operate around the clock with day, evening, or overnight shifts. The work is fast-paced and detail-oriented, requiring you to respond rapidly to evolving cybersecurity threats. Many organizations offer clear advancement paths, so excelling in this foundational role can lead to higher-level security analyst opportunities.

More about Soc 1 jobs
What cities are hiring for Soc 1 jobs? Cities with the most Soc 1 job openings:
What states have the most Soc 1 jobs? States with the most job openings for Soc 1 jobs include:
Infographic showing various Soc 1 job openings in the United States as of July 2026, with employment types broken down into 70% Full Time, 10% Part Time, and 20% Contract. Highlights an 80% In-person, 10% Hybrid, and 10% Remote job distribution, with an average salary of $100,951 per year, or $48.5 per hour.
Risk Senior Manager

Risk Senior Manager

SC&H Group

Columbia, MD • On-site, Remote

Full-time

Medical, Retirement, PTO

Re-posted 4 days ago


Job description

SC&H's Risk Practice is seeking a Senior Manager to lead and grow our service line with a strong focus on security-related consulting, including SOC (SSAE 18), ISO/IEC 27001, and ISO/IEC 42001 engagements. The ideal candidate combines sales/business development acumen, team leadership, and deep delivery expertise to shape client outcomes, scale practices, and develop high-performing teams. This role includes measurable growth responsibilities, client oversight, and engagement leadership across highly regulated and high-growth industries.
Work You'll Do:
  • Business Development & Growth (40%)
    • Own a personal book-of-business growth target; lead opportunity pursuit from prospecting through close (RFPs, proposals, orals, scoping, pricing).
    • Build and manage an opportunity pipeline across SOC (1/2/3), readiness, ISO 27001 ISMS implementation/assessments, ISO 42001 (AI Management System) readiness/certification guidance, and security program advisory.
    • Develop go-to-market (GTM) offerings, thought leadership, and partner/alliances; collaborate with Marketing on campaigns and events.
    • Expand client relationships at the CISO, CIO, CTO, CAE, CFO levels; lead cross-sell with Assurance, Tax, and other Cyber/Technology teams.
  • Engagement Leadership & Delivery (40%)
    • Lead SOC (SSAE 18) readiness and examination projects (SOC 1 Type 1/2, SOC 2 Type 1/2, SOC 3), including scoping, testing strategy, and report quality.
    • Lead ISO/IEC 27001 implementations (ISMS design, risk assessment, controls, internal audits, certification readiness) and ISO/IEC 42001 readiness/implementation for AI governance.
    • Oversee delivery quality, risk, and timelines across multiple concurrent engagements; ensure methodology compliance and audit defensibility.
  • People Leadership & Practice Management (20%)
    • Manage, coach, and develop a team of managers/ seniors/ associates; lead staffing, utilization, and performance.
    • Champion a collaborative, inclusive, and learning-oriented culture; provide timely feedback and career guidance.
    • Strengthen delivery playbooks, templates, and accelerators; contribute to practice P&L hygiene (pricing discipline, margin, WIP/AR, scope management).

Qualifications
  • Required
    • 8-12+ years of progressively responsible experience in public accounting, consulting, or a comparable risk/security practice.
    • Proven track record in SOC (SSAE 18) readiness and examinations (SOC 1/SOC 2), including planning, testing, supervision, and reporting.
    • Hands-on experience with ISO/IEC 27001 (ISMS design/implementation, internal audit, certification readiness) and familiarity with ISO/IEC 42001 (AI Management System) frameworks and AI governance concepts.
    • Demonstrated sales/business development success (pipeline creation, proposals/orals, solutioning, closing) and account growth.
    • People leadership experience: managing teams, setting priorities, and developing talent across multiple engagements.
    • Strong understanding of security and IT risk domains (identity and access, change/configuration, secure engineering, vendor risk, cloud controls, incident response, logging/monitoring, data governance, AI governance).
    • Excellent client communication, executive presence, and stakeholder management skills.
    • Prior practice-building responsibilities (offerings, pricing models, partner alliances).
  • Preferred
    • Experience coordinating with external auditors and working in regulated industries (SaaS, fintech, healthcare, critical infrastructure).
    • Working knowledge of cloud security (Azure, AWS, GCP) and enabling platforms (e.g., M365/Entra ID, ServiceNow GRC, Archer, OneTrust).
  • Education & Certifications
    • Bachelor's degree in Accounting, Information Systems, Computer Science, Cybersecurity, or related field; Master's degree a plus.
    • One or more of the following required:
      • CISA (Certified Information Systems Auditor)
      • ISO/IEC 27001 Lead Implementer or Lead Auditor (or equivalent ISO credential)
      • CPA (active)
    • Additional relevant certifications a plus: CISSP, CCSP, CRISC, CISM, ISO/IEC 42001-related training/credentials.
  • Key Performance Indicators (KPIs)
    • Bookings & Revenue: Meets/exceeds individual and practice sales targets; healthy pipeline coverage, appropriate recovery/margins
    • Client Satisfaction & Expansion: New service-line cross-sells; referenceable clients.
    • People Metrics: Team utilization, retention, timely feedback, and progression of staff.

Any unsolicited resumes submitted through our website or to SC&H Group, Inc., employee e-mail accounts are considered property of SC&H Group, Inc., and are not subject to payment of agency fees. In order to be an authorized recruitment agency ("search firm") for SC&H Group, Inc., there must be a formal written agreement in place and the agency must be invited, by SC&H's Talent Acquisition team, to submit candidates for review.
ABOUT SC&H
SC&H is an employee-owned, global consulting and financial services firm - home to people who believe in the power of trusted personal relationships. Everyone here shares a passion for driving results, fueled by the genuine connections we forge. Our expert capabilities and exceptional service have shaped the firm's longstanding reputation for excellence and impressive growth. But it's the partnerships we build and the success we help deliver that make each day rewarding - for our colleagues, our clients, and our communities.
Recognized annually by Inc., Baltimore Business Journal, Accounting Today, and Inside Public Accounting as a "Best Place to Work," SC&H is routinely named one of the fastest-growing firms for organic growth in the United States. Our success is powered by 13 diverse practices at the intersection of finance, technology, and accounting; 430+ professionals across offices in Maryland, Tysons Corner / Washington D.C., Philadelphia, Chicago, and India; and a client base ranging from emerging growth to world-renowned Fortune 500 companies. This is the place to build lasting professional relationships, grow your skills, and fulfill your potential.
SC&H
Make it Rewarding.
Salary & Benefits
The expected annual base salary for this position is $140,000-$175,000. Salary offers are made based on a variety of candidate specific factors such as candidate's skills, performance, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. As a 100% employee-owned firm, SC&H offers the unique benefit of real equity ownership for every colleague with at least 1 year of service. Watch your stake grow as your tenure increases and the firm achieves success. We also offer a comprehensive health plan with multiple options to suit your needs, at least 4 weeks of paid time off, 8 firm-paid holidays, 401k with employer match, and an annual firm trip for you and a guest to an all-inclusive tropical location.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.