1

Soc Two Auditor Jobs (NOW HIRING)

Auditor, SOC2

Dallas, TX · On-site

$80K - $85K/yr

We are seeking a SOC 2 Auditor to join our growing team. This role requires strong client-facing skills and the ability to manage multiple client audits from start to finish. Essential Duties and ...

We are seeking a SOC 2 Auditor to join our growing team. This role requires strong client-facing skills and the ability to manage multiple client audits from start to finish.

Auditor, SOC2

Dallas, TX · Remote

$80K - $85K/yr

We are seeking a SOC 2 Auditor to join our growing team. This role requires strong client-facing skills and the ability to manage multiple client audits from start to finish.

SOC 2 Senior Auditor - US

OR · Remote

$80K - $99K/yr

JOB PURPOSE The role of Senior Auditor includes the execution of client engagements and internal activities related to SOC 1, SOC 2, and SOC 3 examinations, HIPAA assessments, and external audits of ...

TestPros is looking for Expert level SOC 2 Auditors with experience performing SOC 2 Type 2 Assessments. Position Type: Consultant (Project-Based) Location: Remote Contract Period: February 2026 ...

Technical Writer - SOC 2 (Compliance | Financial Data) We're looking for an experienced Technical ... Experience working with auditors or third-party assessors * Familiarity with SaaS, cloud ...

... new SOC 1 and SOC 2 reports and IT SOX general controls across the mainframe, cloud, and ... Knowledge of auditing principles and practices, and the analysis and reporting of audit information ...

... new SOC 1 and SOC 2 reports and IT SOX general controls across the mainframe, cloud, and ... Knowledge of auditing principles and practices, and the analysis and reporting of audit information ...

Job Title: IT Auditor II and cybersecurity Location: Austin, TX (Hybrid ) Duration: 5+ Months Mode ... SOC 2, PCI-DSS). * Collect and analyze evidence such as policies, configurations, logs, and access ...

San Francisco, CA TITLE: Information Security Auditor DUTIES: Lead a team that provides ... Experience conducting Information Security (IS) Audits compliant with ISO 27001:2013 and SOC 2 Type ...

Senior IT Auditor, Quality

Frisco, TX · On-site

$88K - $115K/yr

This role is ideal for experienced IT auditors, HITRUST External Assessor professionals, or other ... HITRUST Assessor experience, SOC 2 experience, or prior work in IT assurance, compliance, or ...

Senior IT Auditor, Quality

Frisco, TX

$88K - $115K/yr

This role is ideal for experienced IT auditors, HITRUST External Assessor professionals, or other ... HITRUST Assessor experience, SOC 2 experience, or prior work in IT assurance, compliance, or ...

Understand information technology controls, concepts and auditing, or be able to lead and mentor ... 2 and the impact to the SOC compliance environment * If desired, may participate in new client ...

next page

Showing results 1-20

Soc Two Auditor information

See salary details

$38.5K

$92.8K

$151K

How much do soc two auditor jobs pay per year?

As of Jul 17, 2026, the average yearly pay for soc two auditor in the United States is $92,797.00, according to ZipRecruiter salary data. Most workers in this role earn between $72,000.00 and $112,000.00 per year, depending on experience, location, and employer.

What is the difference between Soc Two Auditor vs Soc Two Consultant?

AspectSoc Two AuditorSoc Two Consultant
CertificationsTypically holds CPA, CISA, or similar certificationsOften has similar certifications but focuses on advisory roles
Work EnvironmentPerforms audits within organizations, often in finance or IT departmentsProvides advisory services, assessments, and recommendations to clients
Employer & Industry UsageEmployed by organizations or audit firms to conduct SOC 2 auditsWorks for consulting firms or independently to advise on SOC 2 compliance

While both roles focus on SOC 2 compliance, a Soc Two Auditor conducts formal audits to assess compliance, whereas a Soc Two Consultant provides guidance and recommendations to help organizations prepare for audits.

More about Soc Two Auditor jobs
What cities are hiring for Soc Two Auditor jobs? Cities with the most Soc Two Auditor job openings:
What states have the most Soc Two Auditor jobs? States with the most job openings for Soc Two Auditor jobs include:
Infographic showing various Soc Two Auditor job openings in the United States as of July 2026, with employment types broken down into 11% Locum Tenens, 75% Full Time, 12% Part Time, and 2% Contract. Highlights an 86% Physical, 4% Hybrid, and 10% Remote job distribution, with an average salary of $92,797 per year, or $44.6 per hour.
SOC 2 Type 2 Five-TSC SaaS / Cloud Compliance Lead

SOC 2 Type 2 Five-TSC SaaS / Cloud Compliance Lead

FYI For Your Information Inc

Silver Spring, MD • Remote

Full-time

Retirement

Posted 29 days ago


Job description

FYI - For Your Information, Inc. is an SBA certified, Woman-Owned Small Business and GSA schedule holder that is a premier provider of Human Capital, Training, and Information Technology services. We have won awards for being a Great Place to Work and continue to make ground-breaking advancements. For four years in a row, we have been on Inc. Magazine's 5000 list and were recently named one of Inc.'s 2024 Mid-Atlantic Fastest Growing companies.

About the role

FYI is seeking a SOC 2 Type 2 Five-TSC SaaS / Cloud Compliance Lead to support an active SOC 2 Type 2 program across Security, Availability, Processing Integrity, Confidentiality, and Privacy. This role will own the SOC 2 domain in a fractional capacity, including evidence review, control operation support, auditor communication support, recurring compliance cadence, and SaaS/cloud control maturity. The right candidate has supported real SOC 2 Type 2 audits and can work with engineering, IT, security, HR, operations, leadership, and auditors.

Essential responsibilities and duties

  • Support SOC 2 Type 2 audit readiness and active auditor-response efforts across all five Trust Services Criteria.
  • Review evidence requests and determine whether evidence is complete, partial, missing, stale, unclear, or misaligned to the control being tested.
  • Draft and review auditor responses, management explanations, control narratives, and evidence summaries.
  • Support control operations for access reviews, vendor risk management, risk assessment, policy review, security awareness, incident response, change management, and security steering activities.
  • Review evidence for IAM, MFA, logging, monitoring, encryption, vulnerability management, secure SDLC, code review, release approvals, CI/CD security, SAST, DAST, SCA, backups, availability, confidentiality, processing integrity, and privacy controls.
  • Coordinate with control owners to obtain timestamped, complete, and audit-ready artifacts.
  • Help maintain the recurring compliance calendar for monthly, quarterly, and annual SOC 2 control activities.
  • Support policy and documentation management, version control, approvals, and annual review cadence.
  • Identify control design gaps, operating effectiveness gaps, evidence issues, and audit risks.
  • Provide concise written status updates, blockers, risks, and next actions to the project manager and CISO/vCISO.

Required qualifications

  • 8+ years of cybersecurity, GRC, IT audit, compliance, SaaS security, cloud security, security consulting, or related experience.
  • GRC platform experience (Drata preferred, others include Vanta or SecureFrame)
  • Direct hands-on experience supporting SOC 2 Type 2 audits.
  • Experience with SaaS or cloud-hosted application environments.
  • Experience reviewing evidence for control design and operating effectiveness.
  • Ability to translate audit requirements into operational tasks for engineering, IT, security, HR, legal, operations, and leadership stakeholders.
  • Strong written communication skills and ability to produce auditor-ready explanations.
  • Ability to drive control owners and follow-ups without constant prompting.
  • Ability to work through ambiguity and produce clean, organized, audit-ready documentation.

Nice to have

  • Prior SOC 2 auditor, CPA-firm, or audit-support experience.
  • Experience with all five Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.
  • CISA, CISSP, CISM, Security+, CPA, ISO 27001 Lead Auditor, or equivalent certification.
  • Experience with Drata, Vanta, Secureframe, Hyperproof, Jira, Confluence, AWS, Azure, GCP, CI/CD tooling, SAST, DAST, SCA, vulnerability management, or cloud security tools.
  • PCI DSS familiarity, especially where SOC 2 controls overlap with PCI requirements.

Expected deliverables

  • SOC 2 Five-TSC evidence and gap tracker inputs.
  • Control evidence sufficiency reviews.
  • Auditor response drafts and management-response drafts.
  • Control narrative and control-description updates.
  • Recurring compliance calendar inputs for access reviews, vendor reviews, risk assessments, policy reviews, steering meetings, and evidence refresh cycles.
  • Policy, procedure, and documentation review notes.
  • SOC 2 blocker, risk, and next-action summaries.

Operating style required

This role requires a senior operator who can own the SOC 2 lane in a fractional capacity. The contractor must communicate clearly, document next actions, identify blockers early, and coordinate through the project manager. This is not a casual side task. Responsiveness, ownership, and clean written work product are required.

FYI's Benefits/Incentives: What is in it for you?

  • Opportunity to work a hybrid work schedule
  • A knowledgeable, high-achieving, diverse, experienced, and fun team.
  • The chance to be part of a rapidly growing company and the next success story.
  • A competitive base salary with a loaded benefits package plus 401K.
  • Tuition/education assistance, personal computer allowance, pet insurance.