Senior SOC Consultant (System & Organization Control) in Boston, MA at CBIZ

Date Posted: 10/17/2020

Job Description

With over 100 offices and nearly 5,000 associates throughout the U.S., CBIZ (NYSE: CBZ) delivers top-level tax compliance, consulting and co-sourcing services to Private Equity firms of all sizes, by providing national-caliber expertise combined with highly personalized service.

CBIZ has been honored to be the recipient of several national recognitions:  

  • 2020 Best Workplaces in Consulting & Professional Services by Great Place to Work®  
  • 2019 America’s Best Mid-Size Employers by Forbes 
  • 2019 Workplace Excellence Seal of Approval by the Alliance for Workplace Excellence 
  • Top 101 highest scoring companies in the country for Best and Brightest Companies to Work For in the Nation by the National Association for Business Resources  

Together, CBIZ and Mayer Hoffman McCann P.C. (MHM) are ranked as one of the top providers of accounting services in the United States. MHM is an independent CPA firm that provides audit, review and attest services, while CBIZ provides business consulting, tax and financial services.

CBIZ & MHM New England is part of the 10th largest accounting, tax, and advisory services provider in the nation. Our two New England offices are located in Boston and Providence and have over 240 people, including over 40 Managing Directors. We uniquely combine national resources with local decision-making by experienced, New England-based professionals who are dedicated to strengthening our clients' financial positions.

This position will be responsible for leading and executing System and Organization Controls (SOC) and IT risk and security engagements to assist clients in reducing overall business risk and improving the IT security and controls of the organization. We are seeking someone with SOC 1 and SOC 2 skill sets and experience. This person will be performing SOC 2 attestation engagements. They should also have experience in other SOC-related engagements (SOC 1, SOC 2+, SOC for Cybersecurity, etc.). This individual will be managing and working on consulting engagements and attestation engagements.

Essential Functions and Primary Duties

  • Managing engagements that assess the design and operating effectiveness of IT/business processes and procedures to meet client objectives including alignment with frameworks and compliance with laws and regulations
  • Managing IT risk and security assessments to evaluate confidentiality, processing integrity, availability, security, and privacy concerns
  • Advising management during consulting engagements, pre-assessments, and gap assessments
  • Training and managing seniors and staff in critical IT security SOC skills and methodologies
  • Experience in providing middle market IT risk and security services in the following is required:
      • Cybersecurity controls assessments (NIST, CIS 20, ISO 27001, COBIT, PCI DSS, HIPAA, etc.)
      • Security governance & oversight
      • Cybersecurity policies & procedures
      • Employee security awareness training and execution
      • Business continuity/disaster recovery
      • Penetration testing
      • Vulnerability assessments/testing
      • Social engineering
      • Cybersecurity strategy & plan development
      • Cybersecurity policy development
      • IT security controls improvement
      • Virtual Chief Information Security Officer (vCISO)
  • Evaluates and defines client requirements for IT risk & security projects
  • Defines scope and estimates project costs and details
  • Develops client relationships
  • Attends industry meetings to market CBIZ services
  • Presents technical papers and markets CBIZ capabilities
  • Directs engagements by managing junior staff or contractors to meet project commitments

Preferred Qualifications

  • 3 years of combined IT security & controls SOC 1 and SOC 2 delivery experience
  • Bachelor’s degree in Accounting or Information Systems / IT Security or related discipline
  • Demonstrated ability to document security and control issues, business impact, and management action plans
  • Ability to take on a business development role in the firm
  • Strong background in IT security control assessments
  • Knowledge of COBIT and COSO and Sarbanes Oxley legislation and impact, HIPAA, Safe Harbor Privacy Rules and other regulations
  • Strong background in technical security systems and environments
  • Demonstrated ability to plan and manage engagements along with ensuring deliverables meet work-plan specifications and deadlines
  • CISA, CISSP, CISM, and IT Security-related certifications preferred
  • Limited travel required based upon clients' needs

Minimum Qualifications

  • Bachelor’s degree in relevant field
  • 3 years of relevant work experience
  • Achieve professional certifications relative to area of expertise, must have and preserve required licenses
  • Must possess analytical skills
  • Proficient use of applicable technology
  • Demonstrated ability to communicate verbally and in writing throughout all levels of organization, both internally and externally
  • Must be able to travel based on client and business needs
