Job Openings
SOC 2 Testing Engineer
About the job SOC 2 Testing Engineer
Position Profile: Testing Engineer (Remote – Mexico)
Job Title: SOC 2 Senior Tester
Location: Remote (LATAM)
Employment Type: Full-Time
Experience Level: Senior (5+ years SOC audit/testing experience)
Role Overview
We are seeking an experienced SOC 2 Senior Tester to join our assurance team. This role is responsible for performing detailed control testing, evaluating evidence, documenting results, and supporting the successful delivery of SOC 2 engagements for clients across various industries. The ideal candidate is highly organized, technically knowledgeable, and comfortable working directly with clients in both English and Spanish.
Key Responsibilities
- Lead and perform SOC 2 Type I and Type II control testing, including walkthroughs, evidence evaluation, and test documentation.
- Assess the design and operating effectiveness of controls across Security, Availability, Processing Integrity, Confidentiality, and Privacy Trust Services Criteria.
- Collaborate closely with engagement managers and clients to obtain required evidence and clarify control expectations.
- Draft audit workpapers, test results, and supporting documentation in accordance with AICPA standards.
- Identify control gaps, exceptions, and improvement opportunities, and articulate them clearly to clients.
- Assist with planning and scoping of SOC engagements, including risk assessments and control mapping.
- Maintain up-to-date knowledge of SOC standards, regulatory expectations, and industry best practices.
- Participate in internal quality reviews to ensure consistent, high-quality deliverables.
- Communicate effectively with clients in both English and Spanish, verbally and in writing.
Required Qualifications
- Minimum of 5 years of hands-on SOC audit or security compliance testing experience.
- Active CISA certification (or equivalent such as CISSP, CPA with SOC experience, or ISO Lead Auditor).
- Fluency in both English and Spanish (professional proficiency in speaking and writing).
- Strong understanding of SOC 2 frameworks, AICPA Trust Services Criteria, and related auditing standards.
- Experience evaluating IT general controls (ITGCs), cloud environments, identity and access management, change management, security monitoring, and related domains.
- Excellent documentation and communication skills.
- Ability to work independently, manage deadlines, and collaborate in a team-oriented environment.
- Ability to conduct client walkthroughs independently.
Preferred Skills
- Experience with CMMC assessments or implementations (Level 1–3).
- Experience with SOC 1, ISO 27001, HIPAA, PCI, or other security/compliance frameworks.
- Familiarity with cloud service providers (AWS, Azure, GCP).
- Prior experience in a public accounting firm, cybersecurity consulting firm, or third-party assurance practice.
- Strong analytical and problem-solving skills.
What we offer
- Competitive compensation
- Remote and flexible work environment
- Professional development support and continuing education reimbursement
- Opportunity to work with a wide range of clients and technologies
- A collaborative, growth-focused culture