Senior Associate - SOC & HiTrust

JOB SUMMARY
The role of SOC: Associate/Senior Associate is to perform SOC1 and SOC 2 audit procedures in areas, while building technical competence and function as the primary day to day contact for the clients. AKM Global is growing, and we need an experienced, motivated, and dedicated Associate/Senior Associate. A career in our audit & assurance sector will provide you with the opportunities to develop advanced technical auditing skills in a variety of industries & clients. This Associate/Senior Associate role is defined for you to be working with our member firms & clients onshore. You shall be responsible for reporting to Assistant Manager/Manager, working and coordinating & timely communicating with engagement teams by developing and exhibiting a command of I.T. Audit techniques and methods, while ensuring best business practices are in place along with highest client satisfaction. You will experience ongoing professional development through diverse experiences, different trainings, and coaching.

MAJOR JOB TASKS/ASSIGNMENTS:

• SOC 1 Audits
• SOC 2 Audits
• SOC Memo Reporting
• HITRUST Readiness & Validated Assessments
• SOX Reporting
• HIPAA Risk Assessments
• Vendor Risk Management
• Documentation Efforts, and Other Security Assurance and Advisory Engagements

DETAILED JOB DESCRIPTION:

SOC Reporting:

• Preparing and drafting SOC 1 and SOC 2 reports, especially for US Healthcare clients as per AICPA norms.
• Performing various types of testing by Sampling method such as New/Existing/Terminated Employee Testing, Administrative Items Testing, Change Management Testing, Admin Access Testing, etc.
• Follow-up with clients to provide additional samples for the identified gaps to perform Additional Testing as required.
• Preparing SOC Memos as per defined format for US clients.

HITRUST Reporting:

• Testing the Policies/Procedures for HITRUST unique IDs/baselines for all 19 domains and recording the gaps.
• Completing the HITRUST upload process by attaching support documentation at the HITRUST MyCSF Portal and scoring the baselines as per HITRUST Rubric.
• Performing the Implementation Testing by checking the evidence’s provided by the client and recording the gaps.
• Sending the baselines back to the client for revising the scoring for gaps identified while testing and agreeing on the same with client.
• Scoring and signing-off the baselines in the testing Smartsheets.

A SUCCESSFUL CANDIDATE SHOULD:

• Possess sufficient technical knowledge to work on engagements independently, including coordinating.
• Understand the workflow & tasks with client; updating work papers and other products produced with utmost quality for engagement teams.
• Performing and taking ownership for delivery of high-quality audit work.
• Build strong credibility through displaying good insight and business acumen, applying technical.
• Be Competent enough to engage in relevant discussions with clients’ and engagement teams.

KEY RESPONSIBILITIES:

• Develop and maintain productive working relationships with onshore and engagement teams.
• Informing the engagement leaders with ongoing status of SOC & HITRUST Engagements.
• Contribute ideas/opinions within the team.
• Develop an understanding of our service offerings.
• Ensure all work papers are complete, consistent, and contain the testing performed, evidence obtained, and conclusions reached with appropriate documentation.
• Identify key issues while facing clients and discuss possible solutions to increase quality and efficiency.

TO QUALIFY, CANDIDATES MUST HAVE:

• A bachelor’s degree with minimum of 1-2 years of related work experience in a similar firm.
• B. Tech./M. Tech (only in I.T./Computer Science)/MCA with 1-2 years of experience in above mentioned engagements in one of the Big 4s or Big 10s or firms performing similar work.
• CAs with prior similar experience in I.T. Audit related work can apply.
• CA Dropouts are also eligible (candidates having prior experience in IT Audits are preferred).
• I.T. related certifications like HITRUST CCSFP/DISA/CISA/CISM/CISSP will be an added advantage.
• Advanced written and verbal communications skills.
• Dedicated team player who reports effectively to leadership/immediate supervisor.
• Integrity within a professional work environment.
• Immediate joiners are preferred.