Information Technology Governance, Risk, and Compliance
Social network you want to login/join with:
Information Technology Governance, Risk, and Compliance, united kingdom
col-narrow-left
Client:
Qinecsa Solutions
Location:
Job Category:
Other
-
EU work permit required:
Yes
col-narrow-right
Job Views:
4
Posted:
28.04.2025
Expiry Date:
12.06.2025
col-wide
Job Description:
About the Role We are seeking an experienced SOC 2 / IT GRC Specialist Contractor to support and guide our SOC 2 Type II accreditation program. This is a critical role in a fast-moving, regulated environment, requiring hands-on experience with SOC 2 frameworks, ISO 27001, IT GRC, and GxP compliance in SaaS and cloud-hosted systems. Working closely with our Information Security, Engineering, IT, QA, and Compliance teams, the successful candidate will assess current controls, implement necessary enhancements, and lead the organization through SOC 2 readiness and audit.
Key Responsibilities
- Lead and execute SOC 2 Type II readiness activities from planning through audit support.
- Perform a gap analysis against SOC 2 Trust Services Criteria (Security, Availability, Confidentiality).
- Collaborate with control owners to define, implement, and document controls in alignment with SOC 2 and GxP expectations.
- Author, review, and enhance IT and security policies, SOPs, and governance documentation.
- Support GxP-aligned validation and change control processes where required.
- Manage risk assessments, internal audits, and remediation plans.
- Work with external auditors and vendors to support audit execution and ensure control effectiveness.
- Provide training and guidance to internal teams to embed a culture of compliance and readiness.
- Support the development, implementation, and continuous improvement of the ISO/IEC 27001-aligned ISMS
Required Skills & Experience
- Demonstrable experience leading or supporting a successful SOC 2 and ISO 27001 implementations.
- Solid understanding of the AICPA Trust Services Criteria and related IT/security controls.
- Experience working within GxP environments, particularly in relation to SaaS applications or hosted infrastructure.
- Proven ability to design and document policies and procedures that satisfy both SOC 2 and GxP requirements.
- Familiarity with validation, change control, and documentation practices in regulated industries.
- Comfortable engaging with cross-functional teams and third-party auditors.
- Self-starter with excellent organisational and project management skills.
Preferred Qualifications
- Bachelor’s degree in Information Security, Information Technology, Life Sciences, or related field.
- Experience in pharmaceutical, biotech, or healthcare technology sectors.
- Prior involvement in achieving compliance in both SOC 2 and GxP contexts.
- Familiarity with FDA 21 CFR Part 11, EU Annex 11, or similar regulations.
What We Offer
- A key role in a high-impact compliance and accreditation project.
- Remote-first working environment with flexible hours.
- Exposure to industry-leading SaaS platforms in a regulated domain.
- A collaborative team that values security, quality, and innovation.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
