Job Description
We are a small, US-based startup preparing for a SOC 2 Type II audit and are looking for an experienced SOC 2 auditor / compliance consultant to help us with a pre-audit readiness assessment.
We already use Vanta and are looking for hands-on support to assess our current posture, identify gaps, and help align our policies, controls, and risk management before engaging an external audit firm.
This is a short-term, outcome-focused engagement with potential follow-up support during the actual audit.
Scope of Work:
Conduct a SOC 2 Type II readiness / pre-audit assessment
Review our existing Vanta setup, controls, and evidence
Identify gaps, risks, and control weaknesses
Provide actionable recommendations to close gaps
Help refine and align:
Security policies & procedures
Risk management framework
Incident response, access control, change management, etc.
Validate evidence collection and control effectiveness in Vanta
Guide us on audit expectations and timelines
Optional: Support during the final SOC 2 Type II audit
Requirements
Proven experience conducting or supporting SOC 2 Type II audits
Hands-on experience with Vanta
Strong understanding of Trust Service Criteria:
Security (required)
Availability, Confidentiality, Processing Integrity (as applicable)
Background as a SOC 2 auditor, compliance consultant, or security advisor
Ability to translate audit requirements into practical, engineering-friendly guidance
Experience working with cloud/SaaS companies (AWS preferred)
Nice to Have
CPA, CISA, CISSP, or similar certifications
Experience with startups or fast-growing tech companies
Prior experience working with external audit firms
Deliverables:
SOC 2 Type II readiness / gap assessment report
Clear remediation plan with priorities
Policy and risk management alignment recommendations
Audit-ready checklist and next steps