Job Openings SOC 2 Testing Engineer

About the job SOC 2 Testing Engineer

Position Profile: Testing Engineer (Remote – Mexico)

Job Title: SOC 2 Senior Tester
Location: Remote (LATAM)
Employment Type: Full-Time
Experience Level: Senior (5+ years SOC audit/testing experience)

Role Overview
We are seeking an experienced SOC 2 Senior Tester to join our assurance team. This role is responsible for performing detailed control testing, evaluating evidence, documenting results, and supporting the successful delivery of SOC 2 engagements for clients across various industries. The ideal candidate is highly organized, technically knowledgeable, and comfortable working directly with clients in both English and Spanish.

Key Responsibilities

  • Lead and perform SOC 2 Type I and Type II control testing, including walkthroughs, evidence evaluation, and test documentation.
  • Assess the design and operating effectiveness of controls across Security, Availability, Processing Integrity, Confidentiality, and Privacy Trust Services Criteria.
  • Collaborate closely with engagement managers and clients to obtain required evidence and clarify control expectations.
  • Draft audit workpapers, test results, and supporting documentation in accordance with AICPA standards.
  • Identify control gaps, exceptions, and improvement opportunities, and articulate them clearly to clients.
  • Assist with planning and scoping of SOC engagements, including risk assessments and control mapping.
  • Maintain up-to-date knowledge of SOC standards, regulatory expectations, and industry best practices.
  • Participate in internal quality reviews to ensure consistent, high-quality deliverables.
  • Communicate effectively with clients in both English and Spanish, verbally and in writing.

Required Qualifications

  • Minimum of 5 years of hands-on SOC audit or security compliance testing experience.
  • Active CISA certification (or equivalent such as CISSP, CPA with SOC experience, or ISO Lead Auditor).
  • Fluency in both English and Spanish (professional proficiency in speaking and writing).
  • Strong understanding of SOC 2 frameworks, AICPA Trust Services Criteria, and related auditing standards.
  • Experience evaluating IT general controls (ITGCs), cloud environments, identity and access management, change management, security monitoring, and related domains.
  • Excellent documentation and communication skills.
  • Ability to work independently, manage deadlines, and collaborate in a team-oriented environment.
  • Ability to conduct client walkthroughs independently.

Preferred Skills

  • Experience with CMMC assessments or implementations (Level 1–3).
  • Experience with SOC 1, ISO 27001, HIPAA, PCI, or other security/compliance frameworks.
  • Familiarity with cloud service providers (AWS, Azure, GCP).
  • Prior experience in a public accounting firm, cybersecurity consulting firm, or third-party assurance practice.
  • Strong analytical and problem-solving skills.

What we offer

  • Competitive compensation
  • Remote and flexible work environment
  • Professional development support and continuing education reimbursement
  • Opportunity to work with a wide range of clients and technologies
  • A collaborative, growth-focused culture