SOC 2 is an attestation report, defined by the AICPA's Trust Services Criteria, that tells customers an organization's controls over security, and optionally availability, processing integrity, confidentiality, and privacy, are designed and operating effectively. A Type I report assesses design at a point in time, a Type II report assesses operating effectiveness over a period, usually three to twelve months. It is not a law, but for B2B software and cloud companies it has become the price of doing business, the report a prospect's security team asks for before signing.
Because almost every SaaS company needs one, SOC 2 readiness and audit work is one of the highest-volume entry points in GRC. The roles run from building the control environment and evidence collection to managing the audit and the auditor relationship, and they are a common on-ramp to broader security-compliance and GRC careers.
SOC 2: Frequently Asked Questions
What is SOC 2?
SOC 2 is an attestation report based on the AICPA Trust Services Criteria that demonstrates an organization's controls over security and, optionally, availability, processing integrity, confidentiality, and privacy are effective.
What is the difference between SOC 2 Type I and Type II?
Type I assesses whether controls are suitably designed at a point in time. Type II assesses whether they operated effectively over a period, typically three to twelve months.
Is SOC 2 required by law?
No. SOC 2 is voluntary, but it is effectively required by customers in B2B software and cloud, where security teams request it before purchasing.
Open SOC 2 GRC roles (43)
GRC and AI Governance - Senior Manager
CFGI
Hybrid · Jacksonville, FL · Remote · Full-time
AI Governance CISM CRISC CISSP Posted Jun 13, 2026
Governance, Risk & Compliance (GRC) Manager
Sigma Computing
On-site · San Francisco, CA · Full-time
$190k to $215k Featured Governance Posted Jun 13, 2026
Senior GRC Engineer
Lantern
Hybrid · Dallas, TX · Full-time
Featured Governance Posted Jun 13, 2026
Manager, GRC Subject Matter Experts, Product
Vanta
Remote · Raleigh, NC · Remote · Full-time
Featured Governance Posted Jun 13, 2026
Security Risk Analyst
College Board
Remote · Remote · Full-time
Featured Risk CISA CISM CRISC Posted Jul 7, 2026
Security GRC Manager
Hex
Remote · Remote · Full-time
$182k to $295k Featured Governance Posted Jun 29, 2026
Senior GRC Specialist
Cohere
On-site · Toronto · Full-time
$140k to $220k Featured Governance Posted Jun 13, 2026
Governance, Risk & Compliance (GRC) Manager
Sigma Computing
On-site · New York City, NY · Full-time
$190k to $215k Featured Compliance CISA CISM CRISC Posted Jun 22, 2026
Senior AI GRC Engineer
Vanta
Remote · . · Remote · Full-time
Featured AI Governance Posted Jun 13, 2026
Senior Manager, GRC Subject Matter Experts, Product
Vanta
Remote · . · Remote · Full-time
Featured Governance CISA CISSP CIPM Posted Jun 13, 2026
Senior GRC Lead
Brex
On-site · Vancouver, British Columbia, Canada · Full-time
$154k to $192k Featured Governance CISA CISSP Posted Jun 26, 2026
EMEA Assurance Lead
Scale AI
On-site · Doha, Qatar · Full-time
Featured Governance Clearable CISA CISM CISSP Posted Jun 28, 2026
Senior Compliance Advisor
Drata
Remote · Remote · Full-time
Featured Compliance CISA CRISC CISSP Posted Jun 13, 2026
Security GRC Manager: Customer Trust Enablement
Sierra
On-site · San Francisco, CA · Full-time
Featured Governance CISA CISM CRISC Posted Jun 13, 2026
Senior Security Engineer, GRC Automation
1Password
Remote · Canada · Remote · Full-time
$153k Featured Governance CISA CISSP Posted Jun 20, 2026
Senior Software Engineer, Trust and Third Party Risk Management
Vanta
Remote · . · Remote · Full-time
Featured Risk Posted Jun 26, 2026
Senior Compliance Engineer
Anduril Industries
On-site · Costa Mesa, California · Full-time
$146k Featured Compliance Secret CISM CISSP Posted Jun 13, 2026
Senior IT Auditor
Ethos
On-site · Bangalore, India · Full-time
Featured Audit CISA CISSP Posted Jun 13, 2026
Security Controls Assurance Lead
Anthropic
On-site · San Francisco, CA, NY Washington · Full-time
$345k Featured Governance Posted Jun 20, 2026
Senior Security Analyst, Customer Assurance
Plaid
On-site · New York City · Full-time
Featured Governance Posted Jul 3, 2026
Sr. Compliance Analyst
Cohere Health
On-site · Hyderabad, Telangana, India · Full-time
Featured Compliance Posted Jun 13, 2026
Senior Manager, Security Compliance
GitLab
Remote · Remote · Full-time
$168k Featured Compliance CISA CISM CISSP Posted Jul 3, 2026
Security Compliance Architect
Zscaler
Remote · Remote · Full-time
$144k Featured Compliance Posted Jul 3, 2026
Governance Risk and Compliance
Figma
On-site · San Francisco, CA, NY • · Full-time
$153k Featured Compliance CISA CISM CRISC Posted Jun 13, 2026
Senior Governance, Risk, Compliance (GRC) Analyst
Headway
On-site · San Francisco, CA · Full-time
$162k Featured Compliance Posted Jun 17, 2026
Engineering Manager, GRC Platform
Anthropic
On-site · San Francisco, CA, NY Seattle · Full-time
$405k Featured Governance Posted Jun 13, 2026
Staff+ Software Engineer, GRC Platform
Anthropic
On-site · San Francisco, CA, NY Seattle · Full-time
$405k Featured Governance Posted Jun 13, 2026
Internal Audit IT Associate Manager
Coinbase
Remote · Remote · Full-time
$131k Featured Audit CISA CISM CISSP Posted Jun 13, 2026
Internal Audit IT Manager
Coinbase
Remote · Remote · Full-time
$166k Featured Audit CISA CISM CISSP Posted Jun 13, 2026
Senior GRC Analyst
Garner Health
Remote · Remote · Full-time
$143k to $165k Featured Governance CISA CISM CRISC Posted Jul 3, 2026
Head of Global Assurance
Scale AI
On-site · Washington, DC · Full-time
Featured Governance Clearable CISA CISM CISSP Posted Jun 20, 2026
Senior Manager, Customer Trust & Security Governance
GitLab
Remote · Remote · Full-time
$168k Featured Governance Posted Jul 3, 2026
GRC Specialist
Collibra
On-site · New York, NY · Full-time
$88k to $110k Featured Governance CISA CRISC CISSP Posted Jun 17, 2026
Staff+ Security Engineer, Risk Engineering
Anthropic
On-site · San Francisco, CA, NY Seattle · Full-time
$320k Featured Risk Posted Jun 13, 2026
Insider Risk Analyst - SkillBridge Intern
Zscaler
Remote · Remote · Full-time
Featured Risk Posted Jun 13, 2026
GRC Pre-Sales Consultant / Solutions Engineer – DACH market, EMEA
Vanta
On-site · London, UK · Full-time
Featured Governance Posted Jun 28, 2026
Senior Manager, Audit Partnerships
Vanta
Remote · . · Remote · Full-time
Featured Audit Posted Jun 13, 2026
Senior HR Compliance Manager
Commure
On-site · Mountain View, CA · Full-time
Featured Compliance Posted Jun 13, 2026
Senior GRC Program Manager
Ripple
On-site · Luxembourg · Full-time
Featured Governance CISA CISSP Posted Jun 20, 2026
Program Manager, Engineering - Technology GRC
Stripe
On-site · Dublin · Full-time
Featured Governance CISA CISSP Posted Jun 22, 2026
GRC Engineer
Verkada
On-site · San Mateo, CA · Full-time
$200k Featured Governance Posted Jun 13, 2026
Director of Security, GRC
Aledade
Remote · Remote · Full-time
Featured Governance CISA CISM CRISC Posted Jun 13, 2026
Senior Vice President, IT and Chief Data Officer
iRhythm Technologies
Remote · Remote · Full-time
Featured Data Governance Posted Jun 13, 2026