SOC2 & CMMC Internal Auditor Liaison

This position is posted by Jobgether on behalf of VICTORY. We are currently looking for a SOC2 & CMMC Internal Auditor Liaison in the United States.

This is a key role that bridges internal teams, external auditors, and compliance frameworks to ensure the organization meets high standards in security and operational excellence. You will lead internal audit efforts around SOC2, CMMC, and FedRAMP, helping to develop and manage audit processes while influencing the company’s overall compliance posture. This position requires a strong analytical mindset, a collaborative spirit, and a proactive approach to risk management and documentation. If you enjoy working across departments and want to contribute meaningfully to a company’s audit readiness, this role is for you.

Accountabilities:

• Design and implement an internal audit program for SOC2, CMMC, and FedRAMP frameworks.
• Lead the annual audit process, including selecting external auditors and managing end-to-end execution.
• Conduct data and risk analyses, evaluate internal controls, and assess the effectiveness of business processes.
• Continuously collect and analyze operational data to address gaps and mitigate risks before they become findings.
• Maintain strong relationships with external auditors and anticipate evolving compliance requirements.
• Educate internal teams on audit expectations, risk assessments, and control best practices.
• Document corrective actions based on audit findings and track their resolution.
• Respond to client documentation requests and manage communication around compliance standards.
• Monitor and interpret changes in CUECs from vendors and partners to ensure ongoing compliance.

Requirements

• Experience with auditing standards and risk-based internal auditing methodologies.
• Strong understanding of IT controls in a cloud-based environment.
• Proven ability to analyze data, policies, and procedures to support audit objectives.
• Skilled in communicating complex compliance topics clearly, both in writing and verbally.
• Ability to work cross-functionally across levels—from drafting documentation to strategic planning.
• Trustworthy and collaborative, with a commitment to organizational culture and values.
• Preferred: Familiarity with DOD cybersecurity standards (e.g., NIST 800-171) and FedRAMP requirements.

Benefits

• Competitive compensation aligned with senior-level responsibilities.
• Flexible remote work options and a people-first organizational culture.
• Opportunities for professional growth within a mission-driven environment.
• Health, dental, and vision insurance coverage.
• Meaningful work impacting cybersecurity, compliance, and operational integrity.
• Autonomy and influence in shaping audit and compliance strategy within a small team.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role.
Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.

Thank you for your interest!

#LI-CL1