SOC Compliance / Security Consultant DURATION: 1-year contract to hire LOCATION: Fully Remote; Albany, New York Note: Only W2 candidates are eligible for this role.
- SOC Compliance Experience Required
The IT Security and Compliance Engineer plays a crucial role within the Information Technology team. This professional must be highly detail-oriented, with a strong background in corporate cybersecurity, audit compliance, and a commitment to maintaining system integrity through meticulous documentation. The role focuses on ensuring that network infrastructure surpasses industry standards for security, reliability, and performance. Qualifications
- 5+ years of experience as a system/network administrator with a focus on IT security and compliance.
- Extensive knowledge and hands-on experience in managing Windows/Linux environments, including expertise with threat and vulnerability management tools like Tenable Nessus.
- Strong understanding of ISO 27001, SOC Type II, and other relevant compliance frameworks.
- Exceptional ability to document technical processes, audit trails, and compliance-related activities in a clear and organized manner.
- Excellent verbal and written communication skills, particularly in translating technical information into audit-compliant documentation.
- Strong analytical skills and the ability to work under pressure to meet tight deadlines.
- Familiarity with cloud-based security and compliance solutions is preferred.
- Security Certifications: CompTIA Security+, SSCP (Systems Security Certified Practitioner) preferred.
Day-to-Day Tasks
- Lead and support internal and external audits, including preparation, documentation, and implementation of necessary changes to meet compliance standards such as ISO 27001 and SOC Type II.
- Develop, maintain, and refine comprehensive documentation for IT security processes, policies, and procedures. Ensure that all documentation is up-to-date, accurate, and accessible for audit and compliance purposes.
- Manage and enhance data privacy, protection, and usability protocols, ensuring that privacy solutions are compliant and perform at the highest standards.
- Collaborate with users and stakeholders to define system requirements and oversee modifications to both new and existing software and systems, ensuring alignment with compliance requirements.
- Execute and complete security assessments within strict timelines, documenting findings, outcomes, and recommendations for improvement.
- Design, setup, and administer Windows and Linux server environments, including regular upgrades and patching, with a focus on maintaining a secure and compliant infrastructure.
- Regularly communicate program progress, issues, and analysis to key stakeholders. Produce detailed reports that include assessment findings, security vulnerabilities, and proposals for enhancing system security.