SOC 2 Testing Engineer

Position Profile: Testing Engineer (Remote Mexico)

Job Title: SOC 2 Senior Tester
Location: Remote (LATAM)
Employment Type: Full-Time
Experience Level: Senior (5 years SOC audit/testing experience)

Role Overview
We are seeking an experienced SOC 2 Senior Tester to join our assurance team. This role is responsible for performing detailed control testing evaluating evidence documenting results and supporting the successful delivery of SOC 2 engagements for clients across various industries. The ideal candidate is highly organized technically knowledgeable and comfortable working directly with clients in both English and Spanish.

Key Responsibilities

• Lead and perform SOC 2 Type I and Type II control testing including walkthroughs evidence evaluation and test documentation.

• Assess the design and operating effectiveness of controls across Security Availability Processing Integrity Confidentiality and Privacy Trust Services Criteria.

• Collaborate closely with engagement managers and clients to obtain required evidence and clarify control expectations.

• Draft audit workpapers test results and supporting documentation in accordance with AICPA standards.

• Identify control gaps exceptions and improvement opportunities and articulate them clearly to clients.

• Assist with planning and scoping of SOC engagements including risk assessments and control mapping.

• Maintain up-to-date knowledge of SOC standards regulatory expectations and industry best practices.

• Participate in internal quality reviews to ensure consistent high-quality deliverables.

• Communicate effectively with clients in both English and Spanish verbally and in writing.

Required Qualifications

• Minimum of 5 years of hands-on SOC audit or security compliance testing experience.

• Active CISA certification (or equivalent such as CISSP CPA with SOC experience or ISO Lead Auditor).

• Fluency in both English and Spanish (professional proficiency in speaking and writing).

• Strong understanding of SOC 2 frameworks AICPA Trust Services Criteria and related auditing standards.

• Experience evaluating IT general controls (ITGCs) cloud environments identity and access management change management security monitoring and related domains.

• Excellent documentation and communication skills.

• Ability to work independently manage deadlines and collaborate in a team-oriented environment.

• Ability to conduct client walkthroughs independently.

Preferred Skills

• Experience with CMMC assessments or implementations (Level 13).

• Experience with SOC 1 ISO 27001 HIPAA PCI or other security/compliance frameworks.

• Familiarity with cloud service providers (AWS Azure GCP).

• Prior experience in a public accounting firm cybersecurity consulting firm or third-party assurance practice.

• Strong analytical and problem-solving skills.

What we offer

• Competitive compensation

• Remote and flexible work environment

• Professional development support and continuing education reimbursement

• Opportunity to work with a wide range of clients and technologies

• A collaborative growth-focused culture