SOC Audit Specialist (Denmark)

Job Description:

The SOC Audit Specialist will be a part of a global team of Security Compliance Audit Coordinators that are responsible for planning, coordinating, facilitating, and providing guidance to DXC account and delivery teams, and/or groups of control owners and subject matter experts responsible for specific operational areas and functions supporting technology systems or tools (collectively referred to herein as “DXC teams”) in scope of System and Organization Controls (SOC) audits and other attest engagements.

The SOC Audit Specialist will plan and coordinate the development and execution of the internal audit plan with respect to appropriate regulatory and assurance compliance audit coverage, and interface/assist external audit teams as needed. The SOC Audit Specialist will act as a liaison between the DXC teams and the auditing firm ensuring effective planning, creation of and adherence to timelines and effective communication and interpretation of SOC audit evidence and issues. Candidates should have a strong background in developing processes, procedures, and the methodologies to ensure compliance.

The selected candidate will:

• Become familiar with SOC audit and security compliance requirements to effectively communicate DXC security standards and SOC audit requirements (e.g., SSAE 18, ISAE 3000, ISAE 3402) as needed to help DXC teams achieve successful audit outcomes.
  
  
• Understand in-country regulatory requirements with regards to sharing of data internal and external to DXC.
  
  
• Develop a compliance verification strategy in collaboration with DXC teams.
  
  
• Analyze and proactively plan and communicate changes within control environments for the assigned control area(s), to identify, evaluate, and address risks and impact to the SOC audits, DXC teams and internal organizations.
  
  
• Serve as the primary point of contact for questions related to the assigned control area(s) managed for SOC audits.
  
  

Responsibilities include:

• Creates and updates audit plans, manages control procedures.
  
  
• Plans and executes internal information security assessments and audit engagements.
  
  
• Improves audit experience for DXC teams and customers by providing timely and accurate audit guidance and supporting audit evidence.
  
  
• Verifies compliance with security policies.
  
  
• Performs internal risk analysis and creates remediation plans to ensure compliance.
  
  
• Manages audit activities and maintains understanding of audit requirements to meet audit timelines.
  
  

Job Requirements, Essential:

• Previous auditor experience with an auditing firm is a strong plus.
  
  
• Experience with emphasis in information technology, information security, regulatory or other compliance management.
  
  
• Excellent understanding of project management principles.
  
  
• Experience with risk management techniques.
  
  
• Knowledge of regulatory and assurance compliance requirements (such as ISO 27001, SSAE 18 (SOC 1 & 2), HIPAA/HITECH, PCI, NIST 800-53, and/or Data Privacy).
  
  
• Excellent communication skills; written and verbal.
  
  
• Team player.
  
  
• Experience with GRC tools (such as Archer) a plus.
  
  

Qualifications:

• 4-6 years equivalent experience in security, compliance, and data privacy.
  
  
• Bachelors or undergraduate degree or equivalent diploma, or combination of education and relevant experience.
  
  
• Skilled in planning, problem solving, analysis, collaboration, and communication.
  
  
• Strong organization skills to balance work and execute audit plans for complex systems in a highly matrixed organization.
  
  
• Proficient with Microsoft Office suite (Word, Excel, PowerPoint) & Share Point.
  
  
• Professional certifications such as PMP, CISA, CISM, CISSP, etc. a plus.
  
  

At [xxxxx], we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.