Senior IT/GRC SOC 2 Auditor

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks. We’re not your traditional audit firm — we’re tech-enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients. Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC. If you’re a driven sales professional who thrives on building relationships, driving growth, and being part of a high-performance global team — this is your opportunity to sell trust, innovation, and impact with one of the most exciting firms in the audit industry. Role Summary As a Senior IT/GRC Auditor, you’ll lead day-to-day activities for SOC 2 and other IT compliance engagements. You will guide staff, engage with clients, and play a key role in the delivery of high-quality audits and readiness assessments. Key Responsibilities Lead ITGC and application control testing efforts Guide and review work completed by junior team members Perform walkthroughs, testing, and documentation for SOC 2, SOC 1, and HIPAA engagements Identify control gaps and provide recommendations for remediation Maintain strong client relationships through clear and proactive communication Ensure timely progress updates and elevate issues to management Requirements 3–4 years of experience performing IT audits, with a focus on ITGC and application controls Strong working knowledge of SOC 2 and related frameworks Bachelor’s degree in Accounting, MIS, Cybersecurity, or a related field Strong client communication and project management skills Bilingual in English required Nice to Have Experience with GRC tools (e.g., Vanta, Drata, Secureframe) Familiarity with cloud environments such as AWS, Azure, or GCP Progress toward CISA, CPA, CISSP, ISO 27001 Lead Auditor Perks and Benefits Remote work with flexible hours Paid holidays and time off Growth opportunities in a fast-paced firm Bonus incentives tied to performance Privacy Notice CCPA Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process. Insight Assurance does not sell personal data/information under any circumstances. You may exercise your rights under personal data protection legislation by reaching out to us via: or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602 Privacy Notice GDPR This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process. We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross-referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data. When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope. We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S. The categories of Personal Data under Processing consist of: Identification Contact Education and Professional Evaluation You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short: Right of Access – meaning getting information about the Personal Data under Processing by us, except for the information you already know Right of Erasure – you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it Right of Opposition or Restriction of Processing – you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it Rectification – you can rectify your Personal Data at anytime #J-18808-Ljbffr