Key Responsibilities

Collect, organize, and maintain evidence required for SOC 2 compliance audits
Partner closely with Engineering, IT, Security, and other internal teams to gather required documentation and artifacts
Work within compliance platforms (primarily Drata) to track controls, monitor status, and ensure timely completion of tasks
Assist in preparing for audits by ensuring all evidence is complete, accurate, and audit-ready
Collaborate with external auditors to respond to requests and provide additional documentation as needed
Identify gaps or inconsistencies in compliance documentation and drive follow-ups with stakeholders
Support ongoing compliance initiatives and process improvements

Security & Application Security:

Track and help coordinate remediation of vulnerabilities identified through security scans and penetration tests
Assist in planning and coordinating periodic penetration tests (scoping, scheduling, and documentation)
Support documentation and validation of application security controls and secure development practices
Partner with Engineering to ensure security findings are properly addressed and reflected in compliance artifacts

Qualifications

1–3+ years of experience in compliance, security, or audit support roles
Hands-on experience with SOC 2 evidence collection and audit processes
Experience with compliance automation platforms, Drata strongly preferred
Familiarity with vulnerability management and/or application security workflows, i.e. pentesting
Experience working cross-functionally with Engineering, IT, or Security teams
Strong organizational skills with high attention to detail
Ability to manage multiple requests and deadlines in a fast-paced environment