itD is seeking a Cloud Security Compliance Engineer (SOC 2 Automation) to lead the design and implementation of automated evidence collection and compliance processes that strengthen security governance and ensure audit readiness across cloud environments. This role will drive scalable compliance automation, streamline SOC 2 reporting efforts, and help maintain a strong security posture through efficient evidence management and cross-team collaboration. The ideal candidate will bring deep experience in cloud security compliance and automation and a track record of delivering reliable, audit-ready evidence pipelines that improve operational efficiency and reduce manual compliance overhead. Location: Remote (United States) Duration: 3 months We provide comprehensive medical benefits, a 401k plan, paid holidays, and more. Please note that we are only considering direct W2 candidates at this time, as we are unable to offer sponsorship. Responsibilities: • Design, develop, and maintain automated processes and tools to collect and manage evidence required for SOC 2 compliance.• Establish and manage evidence retention policies and procedures to ensure alignment with SOC 2 requirements and audit standards.• Develop and execute structured plans for collecting and organizing compliance evidence related to security controls, policies, and operational procedures.• Collaborate with cross-functional teams to integrate automated evidence collection processes into existing systems and workflows.• Maintain clear documentation of automation processes and produce detailed compliance reports to support audit readiness.• Validate the accuracy and completeness of compliance evidence and work with internal stakeholders to resolve discrepancies or gaps.• Identify opportunities to improve automation, reliability, and scalability of evidence collection and compliance reporting processes. Internal Responsibilitie: • Attend regular internal practice community meetings.• Collaborate with your itD practice team on industry thought leadership.• Complete client case studies and learning material (blogs, media material).• Build out material to contribute to the Digital Transformation practice.• Attend internal itD networking events (in person and virtual).• Work with leadership on career fast-track opportunities. Required Qualifications and Skills: • Experience designing and implementing automated processes for SOC 2 compliance evidence collection.• Experience collecting and managing SOC 2 compliance evidence within a cloud security environment.• Strong understanding of SOC 2 frameworks, security controls, and compliance requirements.• Experience with cloud security and operations in Google Cloud Platform (GCP).• Strong knowledge of GCP security best practices, controls, and compliance standards.• Experience with scripting or automation tools such as Python or Go. Preferred Qualifications and Skills: • Industry security certifications such as CISSP or CISM.• Experience with security automation and compliance tooling.• Familiarity with cloud workload protection and security monitoring platforms.• Experience supporting security audits and compliance assessments. Education: • Bachelor’s degree in Computer Science, Information Technology, or a related field required.• Master’s degree preferred. Company Description About itD: We are part of a new generation of consulting and software development company that blends diversity, innovation, and integrity with real business results. Our structure rejects any strong hierarchy, empowering us to deliver excellent results. We are a woman- and minority-led firm. Every day, we challenge ourselves to be considerate, fair and to re-think what great outcomes mean for our customers. This permeates down to how we approach every interaction, on every project, for every client. You’ll thrive here if you are a dynamic self-starter, a difference-maker or someone who wants to deliver great results, without constraints. The itD Digital Experience: Joining us means you’ll be part of our global community, you have a say about your own career journey, and you’ll get a chance to give back to causes that matter. You will experience working with Fortune 500 companies and high-performance teams across numerous industries. itD offers our employees excellent benefits such as medical, dental, vision, life insurance, paid holidays, 401K + matching, networking & career learning and development programs. We are growing and we want to see you grow! Visit https://itdtech.com/careers to learn more about what working at itD can mean for you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. itD is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or to perform the essential functions of a position, please contact us at recruiting@itdtech.com and let us know the nature of your request and your contact information. Additional Info Dynamic environment in a culture of respect, empowerment and recognition for a job well done, apply today!

• Perform cybersecurity assessments of OT/ICS environments, including SCADA systems, PLCs, RTUs, HMIs, field devices, and supporting network infrastructure. • Identify vulnerabilities, analyze risk posture, and develop actionable remediation plans aligned with industry standards and federal requirements. • Support implementation and documentation of controls in accordance with the Risk Management Framework (RMF) and applicable cybersecurity frameworks (e.g., NIST-based standards). • Develop and maintain required cybersecurity documentation, including System Security Plans (SSPs), security assessment reports, Plans of Action & Milestones (POA&Ms), and related compliance artifacts. • Collaborate with engineering, network, and project management teams to ensure cybersecurity requirements are integrated into system design and deployment. • Support Authority to Operate (ATO) efforts and ongoing compliance monitoring activities. • Conduct technical reviews, analyze system configurations, and recommend improvements to enhance system resilience and regulatory compliance. • Provide clear, concise, and technically sound written deliverables for Federal clients. • Support project planning, scheduling, and execution activities as needed.

• You create, build, test, deliver and support infrastructure, automation, and employees tooling • Architect and maintain a Zero Trust corporate infrastructure • You lead infrastructure changes, evolve system design and foster good engineering practices • Hands On: Design and deploy a unified detection and response pipeline using Security as a Code approach • Security Policy Management: Create, implement, manage, and enforce security policies and procedures • Security Assessment & Monitoring: Drive continuous threat modeling and automated vulnerability management

• Implement, configure, and optimize IBM QRadar SIEM solutions within enterprise environments • Integrate and manage log sources including firewalls, endpoints, servers, and network devices • Develop and maintain custom correlation rules, alerts, dashboards, and reports • Track and analyze security events to identify potential threats and suspicious activities • Support incident investigation and response using QRadar analytics and threat intelligence • Conduct SIEM tuning to reduce false positives and improve detection accuracy • Document system configurations, architecture, and operational procedures • Offer knowledge transfer and guidance to internal security and SOC teams