SOC Audit Executive

Job Description

Years of experience - 1 to 2 years. Location - HYD. 5 days in a week. Position Summary The SOC 2 and HIPAA Compliance Tester/Associate is responsible for performing control testing, evidence collection, and compliance validation to support the organization?s information security and regulatory compliance objectives. This role ensures ongoing adherence to SOC 2 Trust Services Criteria and HIPAA Security & Privacy Rules , supporting internal and external audits, maintaining compliance documentation, and strengthening the organization?s GRC (Governance, Risk, and Compliance) framework. Key Responsibilities SOC 2 and HIPAA Compliance Testing Perform control testing to assess the design and operating effectiveness of controls aligned with SOC 2 Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, Privacy). Conduct HIPAA Security Rule and Privacy Rule compliance assessments to verify that policies, procedures, and safeguards are effectively implemented. Collaborate with control owners to gather, review, and validate audit evidence for SOC 2 and HIPAA compliance. Document findings, observations, and recommendations in alignment with compliance frameworks and audit requirements. Support SOC 2 Type I/II readiness assessments, HIPAA gap analyses, and remediation tracking through closure and follow-up testing. Contribute to risk assessments, business impact analyses, and ongoing security awareness initiatives. Audit, Documentation, and Technical Understanding Apply fundamental audit principles, including risk assessment, materiality, independence, and sufficiency of evidence, to evaluate internal control frameworks. Maintain a strong understanding of technical environments ? including cybersecurity, virtualization, data centers, and cloud computing ? and translate technical concepts for diverse audiences, including senior management. Prepare clear, concise, and re-performable documentation to support audit findings and compliance validation. Demonstrate excellent communication skills, both written and verbal, ensuring clarity and professionalism in all deliverables. General and Cross-Functional Responsibilities Maintain knowledge of relevant regulations and industry standards (e.g., SSAE 18/SOC, HIPAA, ISO 27001, COSO, HITRUST) and apply best practices to address compliance requirements. Manage multiple priorities effectively within a deadline-driven environment, demonstrating strong time management, organization, and project coordination skills. Support the continuous improvement of the compliance testing program and contribute to a culture of security and accountability.