At a Glance
- Tasks: Lead SOC 2 Type II readiness and audit support activities in a dynamic environment.
- Company: Join a forward-thinking company focused on compliance in SaaS and cloud systems.
- Benefits: Enjoy remote work, flexible hours, and collaboration with industry leaders.
- Why this job: Make a real impact in compliance while working with innovative teams and technologies.
- Qualifications: Experience with SOC 2, ISO 27001, and GxP compliance is essential.
- Other info: Ideal for self-starters eager to enhance their skills in a regulated industry.
The predicted salary is between £36,000 and £60,000 per year.
We are seeking an experienced SOC 2 / IT GRC Specialist Contractor to support and guide our SOC 2 Type II accreditation program. This is a critical role in a fast-moving, regulated environment, requiring hands-on experience with SOC 2 frameworks, ISO 27001, IT GRC, and GxP compliance in SaaS and cloud-hosted systems. Working closely with our Information Security, Engineering, IT, QA, and Compliance teams, the successful candidate will assess current controls, implement necessary enhancements, and lead the organization through SOC 2 readiness and audit.
Key Responsibilities
- Lead and execute SOC 2 Type II readiness activities from planning through audit support.
- Perform a gap analysis against SOC 2 Trust Services Criteria (Security, Availability, Confidentiality).
- Collaborate with control owners to define, implement, and document controls in alignment with SOC 2 and GxP expectations.
- Author, review, and enhance IT and security policies, SOPs, and governance documentation.
- Support GxP-aligned validation and change control processes where required.
- Manage risk assessments, internal audits, and remediation plans.
- Work with external auditors and vendors to support audit execution and ensure control effectiveness.
- Provide training and guidance to internal teams to embed a culture of compliance and readiness.
- Support the development, implementation, and continuous improvement of the ISO/IEC 27001-aligned ISMS.
Required Skills & Experience
- Demonstrable experience leading or supporting successful SOC 2 and ISO 27001 implementations.
- Solid understanding of the AICPA Trust Services Criteria and related IT/security controls.
- Experience working within GxP environments, particularly in relation to SaaS applications or hosted infrastructure.
- Proven ability to design and document policies and procedures that satisfy both SOC 2 and GxP requirements.
- Familiarity with validation, change control, and documentation practices in regulated industries.
- Comfortable engaging with cross-functional teams and third-party auditors.
- Self-starter with excellent organisational and project management skills.
Preferred Qualifications
- Bachelor’s degree in Information Security, Information Technology, Life Sciences, or related field.
- Experience in pharmaceutical, biotech, or healthcare technology sectors.
- Prior involvement in achieving compliance in both SOC 2 and GxP contexts.
- Familiarity with FDA 21 CFR Part 11, EU Annex 11, or similar regulations.
What We Offer
- A key role in a high-impact compliance and accreditation project.
- Remote-first working environment with flexible hours.
- Exposure to industry-leading SaaS platforms in a regulated domain.
- A collaborative team that values security, quality, and innovation.
Employer (Information Technology Governance, Risk, and Compliance): Qinecsa Solutions
Contact Detail:
Qinecsa Solutions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Technology Governance, Risk, and Compliance
✨Tip Number 1
Familiarise yourself with the SOC 2 framework and ISO 27001 standards. Understanding these frameworks in depth will not only help you during interviews but also demonstrate your commitment to the role and its requirements.
✨Tip Number 2
Network with professionals in the IT GRC field, especially those who have experience with SOC 2 and GxP compliance. Engaging in discussions or attending relevant webinars can provide insights and potentially lead to referrals.
✨Tip Number 3
Prepare to discuss specific examples from your past experiences where you successfully led SOC 2 or ISO 27001 implementations. Highlighting your hands-on experience will set you apart from other candidates.
✨Tip Number 4
Showcase your ability to work collaboratively with cross-functional teams. Be ready to explain how you've effectively communicated and coordinated with different departments to achieve compliance goals in previous roles.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in SOC 2 and ISO 27001 implementations. Use specific examples that demonstrate your understanding of the AICPA Trust Services Criteria and your ability to work in GxP environments.
Craft a Compelling Cover Letter: In your cover letter, explain why you are passionate about IT governance, risk, and compliance. Mention your hands-on experience with SOC 2 frameworks and how you can contribute to the company's accreditation programme.
Showcase Your Skills: Clearly outline your skills related to risk assessments, internal audits, and policy documentation. Provide examples of how you've successfully led projects or collaborated with cross-functional teams in the past.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects your attention to detail, which is crucial in compliance roles.
How to prepare for a job interview at Qinecsa Solutions
✨Understand SOC 2 and ISO 27001 Frameworks
Make sure you have a solid grasp of the SOC 2 Trust Services Criteria and ISO 27001 standards. Be prepared to discuss how you've applied these frameworks in previous roles, as this will demonstrate your hands-on experience and understanding of compliance requirements.
✨Showcase Your Cross-Functional Collaboration Skills
This role requires working closely with various teams like Information Security, Engineering, and Compliance. Be ready to share examples of how you've successfully collaborated with different departments to achieve compliance goals or enhance security measures.
✨Prepare for Gap Analysis Discussions
Since performing a gap analysis is a key responsibility, think about past experiences where you've identified gaps in compliance or security controls. Be prepared to explain your approach to addressing these gaps and the outcomes of your efforts.
✨Demonstrate Your Project Management Abilities
As a self-starter with excellent organisational skills, be ready to discuss how you've managed projects in the past, particularly those related to compliance or risk management. Highlight any tools or methodologies you used to keep projects on track and ensure successful outcomes.