Soc Analyst

Job Description

Role & responsibilities Key Responsibilities: Plan, execute, and document internal audits for ISO/IEC 27001:2022 and SOC 2 controls across the organization. Conduct risk assessments to identify control weaknesses and areas for improvement. Evaluate effectiveness of existing information security policies, procedures, and controls. Collaborate with process owners to ensure timely implementation of corrective actions. Maintain audit schedules and manage audit evidence for internal and external assessments. Liaise with external auditors for ISO and SOC 2 certification processes. Assist in development, review, and continuous improvement of ISMS and security policies. Maintain up-to-date knowledge of compliance requirements, regulatory changes, and industry trends. Train internal teams on ISO/SOC2 awareness and audit preparedness. Report audit findings and compliance status to senior management with actionable recommendations. Required Qualifications: Bachelors degree in Information Security, Computer Science, Auditing, or related field. At least 2–5 years of experience in auditing information security management systems. Proven experience in conducting internal audits for ISO/IEC 27001:2022 and SOC 2 frameworks. Certifications such as ISO 27001 Lead Auditor is mandatory. PIMS/CISA/BCMS or other relevant Certifications will be a plus Solid understanding of information security principles, risk management, and data privacy. Preferred Skills: Excellent analytical, problem-solving, and documentation skills. Strong interpersonal and communication skills, with the ability to interact with technical and non-technical stakeholders. Self-driven with the ability to manage multiple priorities under minimal supervision Work Environment: May require occasional travel for site audits or assessments. Flexible hours during audit cycles may be required.