Senior GRC Analyst II, SOC 2

Posted 19 days ago
A$116k–140k / year
Remote
Full-Time
grc
infosec

Department: Governance, Risk & Compliance

The Senior GRC Analyst II – SOC 2 will serve as a technical leader and subject matter expert focused on SOC 2 readiness and examination audits, with deep specialization in SOC 2 automation platforms (e.g., Drata, Vanta, Secureframe). This role is responsible for leading complex SOC 2 engagements from readiness through reporting, driving platform optimization for clients, and serving as a strategic advisor on control design, implementation, and automation.

Key Responsibilities

  • Lead SOC 2 Type I and Type II readiness and examination engagements under the AICPA Trust Services Criteria.
  • Own engagement planning, scoping, timeline management, and execution across multiple concurrent SOC 2 clients.
  • Advise clients on control design and implementation aligned to the Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, Privacy).
  • Evaluate readiness gaps and develop actionable remediation roadmaps.
  • Serve as internal and external subject matter expert on SOC 2 automation platforms (e.g., Drata, Vanta, Secureframe, or similar tools).
  • Configure and optimize client platform environments, including:
      + Control mapping
      + Evidence workflows
      + Automated integrations (cloud providers, ticketing systems, HRIS, code repositories, etc.)
      + Continuous monitoring settings

  • Review automated control outputs and exception reporting to ensure audit defensibility.
  • Identify opportunities to improve automation coverage and reduce manual evidence collection.
  • Partner with clients to mature their compliance operations using platform analytics and reporting.
  • Only candidates in Australia will be considered at this time.

Sensiba
Remote