Senior Associate, SOC

Schellman is a Top 50 CPA firm and a leading provider of attestation and compliance services. Our professional services focus on security and privacy audits, assessments, and certifications. Schellman has become one of the largest cybersecurity assessment firms in the United States without providing any traditional accounting services. We are an accredited multi-framework ISO Certification Body for security, privacy, business continuity, and quality;

a globally licensed PCI Qualified Security Assessor and a top provider to clients serving the federal DoD space as a leading FedRAMP 3

PAO and the first assessment firm authorized as a CMMC C3

PAO. Our specialty and expertise remain in providing best in class Cybersecurity and IT Audits and Attestations. Our culture, approach with clients, and dedication to our values has led us to consistently be a Great Places to Work certified company and rated as a Best Firms to Work For by Accounting Today and a Glassdoor Best Places to Work. We deeply appreciate our employees, as shown by our first core value – People Come First.

This is demonstrated in our culture, benefits, and how we handle business. Come see what makes Schellman special!

Senior associates are primarily responsible for hands-on project execution. Experienced senior associates have, or are working towards, specialization in one or more service lines and are assigned to projects accordingly. Senior associates are assigned to a specific service delivery principal that is responsible for supervising the associate’s career development. Additionally, senior associate’s daily activities are closely supervised by the management teams of their assigned projects.

Senior associates may supervise associates and/or senior associates when serving as a member of a project management team.

There is no typical day for our SOC teams. While our lead focus is on SOC examinations, our clients also rely on us to perform multiple types of attestations similar to SOC across a variety of network, application, or cloud environments. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest technologies.

Our teams are mostly remote (yet extremely collaborative) and work together to utilize their unique backgrounds and experience to provide the high level of quality service that our clients have come to  addition to the hands-on knowledge you’ll develop with each project, Schellman also promotes a continuous learning environment. Team members are encouraged to attend at least one training event every year to build upon their skills and acquire new certifications.

A Senior Associate will hold the following roles and responsibilities as part of their role:

Demonstrate proficiency in Schellman Methodology Serve as a guide to Associates and peers through information sharing, support, and thought leadership.

Earn Schellman-approved certifications CCSK (minimum requirement for SD, (ISO Lead Auditor, One of the following three – CCSP/CISA (CCSP may be accepted in place of the CISA), CISSP, AWS CCP, etc.), the ISO LA within second year in the role Successfully run a project from fieldwork through completion including the following:
Demonstrate the ability to successfully complete all assigned testing, workpaper documentation, testing exception documentation, draft report creation, and management representation letter preparation

Understand and demonstrate ability to speak to Schellman's service lines at a high level and their leaders

Demonstrate proficiency of SOC 1 ITGCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria

Demonstrate understanding of Principal Service Commitments and System Requirements (PSCRs) and how they impact scope of a SOC 2

Demonstrate the ability to derive PSCRs through client documentation and interviews

Know all four report opinion outcomes and ability to draft modified opinions

Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion

Demonstrate self-organization, consistently and proactively look ahead to future…