WELCOME TO SITA
We're the team that keeps airports moving, airlines flying smoothly, and borders open. Our tech and communication innovations are the secret behind the success of the world's air travel industry.
You'll find us at 95% of international hubs. We partner closely with over 2,500 transportation and government clients, each with their own unique needs and challenges. Our goal is to find fresh solutions and cutting-edge tech to make their operations run like clockwork. Want to be a part of something big?
Are you ready to love your job? The adventure begins right here, with you, at SITA.
PURPOSE
Support the implementation, control, and continuous improvement of SOC 2 Type 2 compliance across SITA's operational and infrastructure environments. This includes preparing for and supporting external audits, maintaining documentation, and ensuring alignment with the SOC 2 Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, and Privacy) as well as SITA's internal security and operational policies.
What will you do
Assist in the development and execution of a SOC 2 Type 2 compliance programme, including the creation and maintenance of required documentation, audit evidence, and control matrices aligned with the Trust Services Criteria.
Coordinate with internal stakeholders (e.g. GRC, SoC, Infrastructure, Development, and Integration teams) and external auditors to ensure timely and accurate delivery of compliance artefacts.
Support the implementation and validation of technical and administrative controls such as access management, system monitoring, incident response, and data protection in line with SOC 2 requirements.
Maintain and update the Roles and Responsibilities Matrix to ensure all personnel involved in SOC 2 scope understand and acknowledge their duties.
Monitor and report on the effectiveness of SOC 2 controls, identifying gaps and recommending remediation actions.
Facilitate internal readiness assessments and mock audits to ensure preparedness for formal SOC 2 Type 2 evaluations.
Track and manage audit findings, ensuring timely resolution and documentation of corrective actions.
Support the development and delivery of SOC 2 awareness and training sessions for relevant teams.
Assist in the planning and estimation of compliance-related activities, including resource needs and timelines.
Ensure that all documentation (e.g. policies, procedures, system architecture diagrams, change control logs) is reviewed and updated regularly to meet SOC 2 audit requirements.
Qualifications
EXPERIENCE
Minimum of 5 years' experience in a Quality Assurance, Information Security, or Compliance environment, with hands-on involvement in regulatory frameworks and standards such as SOC 2, ISO 27001, or PCI DSS.
Demonstrated experience in implementing and supporting SOC 2 Type 2 compliance programmes, including evidence collection, control validation, and audit readiness.
Familiarity with secure system development lifecycle (SSDLC), access control management, incident response, and risk-based control assessments aligned with the Trust Services Criteria.
Experience working with cross-functional teams (e.g. infrastructure, development, operations, and GRC) to implement security controls, respond to audit findings, and drive continuous improvement.
KNOWLEDGE & SKILLS
Strong understanding of SOC 2 Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, and Privacy), including scoping, control mapping, and evidence documentation.
Knowledge of security best practices for access control, system monitoring, data encryption, secure configuration, and incident response.
Ability to interpret audit requirements and translate them into actionable tasks for technical and non-technical stakeholders.
Proficiency in preparing and maintaining compliance artefacts such as control matrices, risk assessments, roles and responsibilities documentation, and policy/procedure manuals.
Familiarity with tools and platforms used for log management, access reviews, vulnerability assessments, and change tracking.
Excellent communication and documentation skills, with the ability to explain complex compliance topics clearly and effectively across diverse teams.
PROFESSION COMPETENCIES
SOC 2 Type 2 Implementation
Compliance Management
Business Process Improvement
Managing Risk
Audit Readiness & Response
Secure System Development Lifecycle
Standards, Procedures & Policies
Supplier Security Assurance
Quality Management
Requirements Analysis
Systems Thinking
Conceptual Thinking
Innovation
Managing Change
Conflict Resolution
Technical Writing & Documentation
CORE COMPETENCIES
EDUCATION & QUALIFICATIONS
University degree or equivalent, preferably in Computer Science, Information Security, Engineering, or a related field.
Industry certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), SOC 2 Certified Practitioner, or ISO 27001 Lead Implementer are highly desirable.
ISEB Foundation or equivalent quality assurance qualification is a plus.
Familiarity with audit frameworks and regulatory standards including SOC 2, ISO 27001, and PCI DSS.
WHAT WE OFFER
We're all about diversity. We operate in 200 countries and speak 60 different languages and cultures. We're really proud of our inclusive environment. Our offices are comfortable and fun places to work, and we make sure you get to work from home too. Find out what it's like to join our team and take a step closer to your best life ever.
Flex Week: Work from home up to 2 days/week (depending on your team's needs)
Flex Day: Make your workday suit your life and plans.
Flex-Location: Take up to 30 days a year to work from any location in the world.
Employee Wellbeing: We have got you covered with our Employee Assistance Program (EAP), for you and your dependents 24/7, 365 days/year. We also offer Champion Health - a personalized platform that supports a range of wellbeing needs.
Professional Development: Level up your skills with our training platforms, including LinkedIn Learning!
Competitive Benefits: Competitive benefits that make sense with both your local market and employment status.
SITA is an Equal Opportunity Employer. We value a diverse workforce. In support of our Employment Equity Program, we encourage women, aboriginal people, members of visible minorities, and/or persons with disabilities to apply and self-identify in the application process.