Location: Ireland
Department: Governance, Risk & Compliance
Description
The Senior GRC Analyst II – SOC 2 will serve as a technical leader and subject matter expert focused on SOC 2 readiness and examination engagements, with deep specialization in SOC 2 automation platforms (e.g., Drata, Vanta, Secureframe). This role is responsible for leading complex SOC 2 engagements from readiness through reporting, driving platform optimization for clients, and serving as a strategic advisor on control design, implementation, and automation. The Senior Analyst II combines strong technical knowledge of SOC 2, ITGCs, and cloud environments with hands‑on expertise configuring and managing SOC 2 compliance platforms to streamline evidence collection, continuous monitoring, and audit execution. This individual will lead multiple SOC 2 engagements simultaneously, mentor junior team members, enhance SOC 2 methodologies and platform integrations, and strengthen client relationships through proactive, insight‑driven advisory. The role plays a critical part in scaling Sensiba’s SOC 2 practice by improving efficiency, automation, and client experience. Only candidates in Ireland will be considered at this time.
Key Responsibilities
Lead SOC 2 Type I and Type II readiness and examination engagements under the AICPA Trust Services Criteria.
Own engagement planning, scoping, timeline management, and execution across multiple concurrent SOC 2 clients.
Advise clients on control design and implementation aligned to the Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, Privacy).
Evaluate readiness gaps and develop actionable remediation roadmaps.
Serve as internal and external subject matter expert on SOC 2 automation platforms (e.g., Drata, Vanta, Secureframe, or similar tools).
Configure and optimize client platform environments, including:
Control mapping
Evidence workflows
Automated integrations (cloud providers, ticketing systems, HRIS, code repositories, etc.)
Continuous monitoring settings
Review automated control outputs and exception reporting to ensure audit defensibility.
Identify opportunities to improve automation coverage and reduce manual evidence collection.
Partner with clients to mature their compliance operations using platform analytics and reporting.
Review, document, and test IT general controls (logical access, change management, system operations).
Evaluate automated and application controls within SaaS, cloud‑native, and hybrid environments.
Assess controls over infrastructure environments (AWS, Azure, GCP), identity management, and DevOps workflows.
Validate evidence sufficiency and completeness within SOC 2 platforms to support audit conclusions.
Serve as primary point of contact for SOC 2 clients, including executive‑level stakeholders.
Present audit findings, risk insights, and strategic recommendations to leadership.
Advise high‑growth SaaS clients on building scalable, audit‑ready compliance programs.
Support sales and go‑to‑market efforts for SOC 2 services, including scoping and technical input on proposals.
Mentor junior analysts on SOC 2 methodology, platform navigation, and control testing best practices.
Contribute to the refinement of SOC 2 templates, testing programs, and platform playbooks.
Identify efficiencies to standardize and scale SOC 2 engagements across the practice.
Support training initiatives to elevate internal SOC 2 platform expertise.
Skills, Knowledge and Expertise
4+ years of experience in SOC 2, IT audit, or GRC, preferably within public accounting or consulting.
Demonstrated experience leading SOC 2 Type I and Type II engagements.
Hands‑on experience administering or auditing within SOC 2 automation platforms (e.g., Drata, Vanta, Secureframe, or similar).
Deep understanding of:
AICPA Trust Services Criteria
IT General Controls (ITGCs)
Cloud environments (AWS, Azure, GCP)
SaaS operational environments
Experience reviewing automated evidence and continuous monitoring outputs.
Strong client advisory and presentation skills, including executive‑level communication.
Ability to manage multiple engagements in fast‑paced, high‑growth environments.
Preferred:
Experience working with venture‑backed or high‑growth SaaS companies.
Familiarity with adjacent frameworks (ISO 27001, NIST CSF).
Professional certifications such as CISA, CISSP, CISM, or CRISC.
Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field; advanced degree a plus.
Compensation & Benefits
There are many reasons to join the Sensiba team: generous benefits, competitive compensation, professional advancement opportunities, and above all — our people. If you’re looking for an environment that offers you growth, success, and professionalism without compromising your family, passions, and life outside of work, apply today! Sensiba has a robust offering of benefits, including:
Comprehensive Health Coverage – Medical, dental, and vision.
Generous Paid Time Off – Vacation, sick time, holidays, parental leave and volunteer days.
Flexible Work Arrangements – Hybrid or remote options, flexible hours.
Performance‑Based Bonus – Recognition for your contributions through discretionary bonuses.
Professional Development Opportunities – Tuition reimbursement, certifications, mentorship.
Career Growth & Internal Mobility – Clear paths for advancement and role transitions.
Inclusive & Supportive Culture – DEI initiatives, employee resource groups, wellness programs.