SOC Control Tester

Hi Folks

Please check the JD and share your updated resume to my email naresh@sapphiresoftwaresolutions.com and ping me on whatsapp (+91 970-529-6474) along with your resume

SOC Controls Tester

1 year contract-Remote

Hours: Night Shift

Duration: 1 Year Contract (Extendable)

Location: Remote

Shift: Night Shift

Job Overview:

We are seeking a highly skilled SOC Control Tester with expertise in SOC 2 compliance assessments and control testing. The ideal candidate will have hands-on experience in auditing, testing, and validating security, availability, confidentiality, processing integrity, and privacy-related controls in line with SOC 2 requirements. The role involves working closely with stakeholders, IT, compliance, and audit teams to ensure adherence to regulatory, security, and risk management standards.

Key Responsibilities:

Perform SOC 2 control testing across IT systems, applications, and business processes.

Evaluate and validate the effectiveness of internal controls related to security, availability, confidentiality, processing integrity, and privacy.

Must have hands on knowledge with COBIT framework and be familiar with NIST/ COSO

Expert-level Excel skills (pivot tables, complex formulas)

Expert level experience conducting UAR on SailPoint

Experience testing controls of cloud, SAP, and DevOps tools (GitHub, Gitlab, Azure, AWS)

Experience with one of the Big Four (Deloitte, EY, PwC, KPMG)

Collaborate with process owners to gather evidence and perform walkthroughs of SOC 2 controls.

Identify control gaps, deficiencies, and recommend remediation strategies.

Document and report testing results, including exceptions and areas of improvement, to management and audit teams.

Support readiness assessments for SOC 2 Type I and Type II audits.

Partner with internal stakeholders and external auditors to ensure compliance with SOC 2 Trust Services Criteria (TSC).

Develop and maintain testing scripts, methodologies, and evidence documentation standards.

Provide recommendations to strengthen control environment and mitigate audit risks.

Stay current with SOC 2, AICPA standards, regulatory updates, and best practices.

Must Have Qualifications:

5–8 years of experience in IT audit, risk management, or compliance testing.

Strong hands-on experience with SOC 2 controls testing (Type I & Type II).

Solid understanding of Trust Services Criteria (TSC) under SOC 2 (Security, Availability, Confidentiality, Processing Integrity, and Privacy).

Proficiency in testing IT General Controls (ITGCs) and application controls.

Familiarity with frameworks and standards such as COBIT, NIST, COSO, and ISO 27001.

Strong knowledge of evidence gathering, walkthroughs, and issue remediation tracking.

Excellent Excel and reporting skills (pivot tables, VLOOKUP, macros preferred).

Experience working with GRC tools (e.g., Archer, ServiceNow GRC, MetricStream).

Strong written and verbal communication skills with ability to interact with auditors and senior stakeholders.