Job Description :
IT Audit/Security Compliance Consultant
Location: San Jose & San Francisco, CA (Hiring 1,2 candidates for Each location)
Duration: 6 Months Contract To Hire


Description
Originally 300,000 in billings, now $2mm – 3 people on the team.
IT audit – the type of work.
SOC – about this point 95% of our work is SOC audit.
Our clients need to comply with SOC audits for their own customers. The type of audit we’re doing is continuous. We deliver audits and reports at the end. We audit our customers normally every 6 months.
The primary growth is in SOC from clients – almost all startups. Almost all bay area.
We have SJ and SF. WE divide San Mateo and south and SM and north to minimize dirivng.
The growth is from the startups. If startups are in the B2B biz, they’ll need a SOC audit.
We’re currently getting accredited to allow to ISO27001 – we’re going to be a certifying body! We’re looking to get accreditation by eod of year. 90% of our startups are cloud based – SaaS.
We’re always auditing amazon.
They’ll have a number of clients depending on abilities. One that can handle associates.
Onsite work: Mostly in the office – we’re in downtown SJ. Once or twice a week at a client.
They’ll be exposed to bay area startups – not to old traditional companies. They’ll work primarily w/ cloud technology.
They’ll work with latest and greatest tools. They’ll know cloud security and AWS very well.
The company is stable – in our history, we’ve never had layoff’s, even during the recessions.
40 – 45 hours a week.
No travel!
There is an entrepreneurial spirit to our group. Everyone’s opinion counts.
If someone is interested in developing ISO from the ground up, they can build it out.

Experience:
Technical understanding
Audit skills – understanding of risk based audits. They should understand basic audit standards and how to audit controls.
Soft skills – working under pressure, good communicators in both written and oral. Proactive comm. Should be able to express themselves well and concisely. We do have a lot of pressure as a pro-services firm and be able to prioritize.