Title: Security Analyst, SOC 2 Audit Support Location: Remote Employment Type: 6 months (April – October, Audit Ramp-Up & Wind-Down Support US Citizen or Green card only. Role Overview The Security Analyst will support the preparation and execution of a SOC 2 audit led by a third-party firm, coordinating across IT and Security teams to ensure timely, accurate, and complete evidence submission for 112 controls and approximately 364 audit requests. This is a project-based role focused on verification, coordination, documentation quality, and deadline management rather than primary control ownership. The individual will review control evidence for accuracy, validate timestamps and query outputs, and ensure documentation meets auditor expectations. The role includes facilitating walkthrough meetings, coordinating internal control owners, tracking remediation items, and proactively communicating potential findings to management. Success requires strong organizational skills, attention to detail, and the ability to manage multiple stakeholders under tight deadlines. Purpose This role provides the opportunity to play a critical part in ensuring the successful completion of a high-visibility SOC 2 audit that directly supports the company’s trust posture, customer commitments, and business growth objectives. The individual will be at the center of audit execution and cross-functional coordination during a strategically important period. Growth The position offers hands-on exposure to SOC 2 control testing, audit coordination, and third-party auditor engagement across 112 controls, providing practical experience in compliance program execution. The scope and complexity of managing 364 evidence requests in a compressed timeline will significantly strengthen audit readiness and compliance operations expertise. Motivators This role is ideal for someone who thrives in structured, deadline-driven environments, enjoys improving documentation quality, and takes pride in preventing issues before they escalate. The work offers measurable impact, cross-functional visibility, and the satisfaction of driving a complex audit to successful completion. Performance Objectives 1. Execute Comprehensive Evidence Verification for 112 SOC 2 Controls Within the first 30 days, develop a structured tracking system to manage approximately 364 audit evidence requests across 112 in-scope controls. Over the course of the audit preparation phase, review all submitted screenshots, system extracts, and documentation to ensure timestamps, query parameters, and required attributes meet auditor criteria before submission. Achieve a minimum 95% first-pass acceptance rate by external auditors and reduce rework cycles through proactive quality control and clear communication with control owners. This objective may be enhanced using AI-enabled document comparison or automated evidence validation tools to detect inconsistencies before submission. 2. Coordinate and Facilitate SOC 2 Walkthrough Meetings and Auditor Engagement Plan and coordinate walkthrough sessions between internal stakeholders and third-party auditors, ensuring appropriate control owners are prepared and available to respond. Maintain a real-time audit status tracker and provide weekly updates to management outlining progress, open items, and potential findings. Ensure all walkthrough documentation is complete within 48 hours of each session and that action items are assigned and tracked to closure. Success will be measured by on-time completion of all scheduled walkthroughs and zero missed response deadlines. 3. Proactively Identify, Escalate, and Support Remediation of Potential Findings Review submitted evidence and control narratives to identify gaps, inconsistencies, or areas of non-compliance prior to auditor discovery. Escalate potential findings to IT and Security leadership within two business days of identification and assist in coordinating remediation plans. Track remediation progress and ensure closure documentation is audit-ready prior to final submission. Outstanding performance will result in minimized formal findings and successful completion of audit preparation by the October wind-down milestone. Critical Subtasks 1. Build and Maintain a Centralized Audit Tracking Framework Within the first two weeks, establish a centralized control tracking system mapping each of the 112 controls to its associated evidence requests, control owners, due dates, and status. Ensure daily updates during peak audit periods and maintain complete traceability between evidence and control requirements. Success will be measured by zero missed evidence deadlines and full visibility for management at all times. 2. Validate Technical Evidence Accuracy and Timestamp Integrity Review screenshots, logs, and query outputs to confirm that required timestamps, reporting periods, and data filters align precisely with SOC 2 testing criteria. Communicate discrepancies to control owners within one business d