Fractional SOC 2 Audit & Security Compliance Officer
Worldwide
About the Role Uveritech is seeking a fractional Security Compliance Officer to maintain our SOC 2 compliance posture on an ongoing basis. This is a part-time, flexible engagement suited to an experienced compliance professional who can work independently with minimal oversight. The role centers on two core responsibilities: keeping our Drata instance current and audit-ready, and managing the security questionnaire process for prospective and existing clients. Key Responsibilities SOC 2 Evidence & Audit Readiness (Drata) Maintain and update evidence collection within Drata to ensure continuous audit-readiness across all applicable Trust Services Criteria Monitor Drata for failing or expiring controls, evidence gaps, and integration issues; remediate or escalate as needed Coordinate with internal team members and system owners to collect manual evidence not captured via automated integrations Track and manage policy review/renewal cycles within Drata Liaise with our external audit firm to prepare for and support Type I/Type II audit fieldwork Monitor access reviews, vendor risk assessments, and other recurring compliance tasks required by our SOC 2 program Flag control or process gaps to leadership with recommended remediation steps Security Questionnaires Own the end-to-end response process for inbound security questionnaires from prospective and existing clients (e.g., CAIQ, SIG, custom vendor security assessments) Maintain a response library / knowledge base of standard answers, keeping content current as controls and policies evolve Coordinate with technical and operational staff to source accurate answers for non-standard questions Manage turnaround time to meet sales and account management deadlines Track questionnaire volume and common themes, surfacing recurring client concerns to leadership Qualifications Prior experience supporting a SOC 2 compliance program (Type I and/or Type II), ideally in a startup or small-company environment Hands-on experience with Drata or a comparable GRC platform (Vanta, Secureframe, etc.) — Drata experience strongly preferred Demonstrated experience completing vendor/customer security questionnaires (CAIQ, SIG Lite/Core, custom formats) Working knowledge of common frameworks and standards referenced in SOC 2 (e.g., NIST CSF, ISO 27001) — certification not required but a plus Strong written communication skills; comfortable translating technical controls into clear, non-technical language for sales and client-facing contexts Self-directed and comfortable working fractionally/remotely with limited day-to-day supervision Familiarity with startup environments where compliance processes and documentation may be in early stages of maturity
- Less than 30 hrs/weekHourly
- 6+ monthsDuration
- IntermediateExperience Level
$8.00
-
$40.00
Hourly- Remote Job
- Ongoing projectProject Type
Skills and Expertise
Activity on this job
- Proposals:20 to 50
- Last viewed by client:last week
- Interviewing:0
- Invites sent:2
- Unanswered invites:2
About the client
- United StatesGlendora2:37 PM
- $197K total spent47 hires, 6 active
- 1,879 hours
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by