SOC

System and Organization Controls (SOC) 2 Type II

Overview

SOC 2 (System and Organization Controls) is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It assesses how service providers manage customer data across five key Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

This report evaluates how well the implemented controls operate over a sustained period, usually between 6 and 12 months.

Jobma and SOC 2 Compliance

Jobma is SOC 2 Type II certified, underscoring its commitment to operational excellence, data protection, and privacy.

The audit evaluates the design and operating effectiveness of Jobma's controls against the AICPA Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. The resulting attestation validates that our systems, policies, and procedures meet industry-recognized standards for safeguarding data and ensuring service reliability.

The SOC 2 Type II report covers Jobma's cloud-based video interviewing platform and supporting infrastructure, including:

Platform services supporting one-way, live, and AI-driven interviews.
Candidate and recruiter data storage, encryption, and transmission systems.
Identity and access management controls governing user authentication and authorization.
Continuous monitoring, incident response, and data recovery processes.

What it Means for Jobma Customers

Jobma undergoes regular SOC 2 Type II audits as part of our continued commitment to safeguarding customer and candidate data. These independent assessments reaffirm that Jobma's systems, policies, and controls meet and consistently uphold industry standards for data security, availability, and operational reliability.

Jobma's dedicated security and compliance teams continuously implement, monitor, and strengthen our controls to ensure that any sensitive information remains secure throughout every stage of the hiring process. When we say your data is secure, it's not just a claim - the report provides validation of these efforts. Any customer or prospect may request a copy of our third-party report, subject to a non-disclosure agreement (NDA).

Maintaining SOC 2 Type II certification is an ongoing priority for Jobma. In addition to this framework, Jobma continues to comply with more globally recognized security and compliance certifications, such as ISO 27001 and GDPR alignment initiatives. Our goal is to strengthen the trust and transparency that customers expect from a modern hiring platform.

Our Commitment to Continuous Compliance

SOC 2 Type II compliance is an ongoing process. Jobma maintains dedicated internal teams and automated monitoring tools to ensure that all controls remain effective throughout the audit period and beyond. Regular re-evaluations and independent audits are conducted annually to sustain our certification and adapt to evolving security standards.

By achieving and maintaining SOC 2 Type II compliance, Jobma demonstrates its ongoing commitment to protecting customer and candidate data, ensuring system reliability, and upholding the trust placed in its platform by organizations worldwide.

If you'd like to review our latest SOC 2 Type II report, please contact our security team at privacy@jobma.com

Security

We use layered defenses to safeguard customer data from unauthorized access, misuse, or alteration. Our platform operates within secure cloud environments supported by firewalls, intrusion detection, multi-factor authentication, and strict access management controls.

We practice continuous monitoring and logging to detect and flag unusual activity in real time. Data encryption at rest and in transit protects all video interviews, candidate information, and recruiter communications from interception or tampering.

Availability

Jobma's global video interviewing platform is engineered for uptime, scalability, and resilience. We understand that recruiters and candidates depend on our system to function seamlessly during time-sensitive hiring cycles.

Our redundant infrastructure and load-balancing processes ensure consistent performance even during high-traffic periods. We apply effective disaster recovery and backup processes to minimize downtime and data loss in the event of an outage.

Integrity

Processing integrity ensures that Jobma's systems operate as intended. Our platform follows stringent quality and validation controls for candidate video uploads and recruiter evaluations.

We use change management and testing protocols to ensure software stability. We maintain a reliable platform through continuous integration and deployment pipelines. Every Jobma process, from interview scheduling to AI analytics, operates with transparency and consistency.

Confidentiality

Jobma's confidentiality controls ensure that our client and candidate personal and organizational information stays protected across the hiring lifecycle.

We apply granular access permissions to restrict visibility of candidate data to authorized team members only. Our secure data storage and retention policies define how long information is kept and how it's disposed of securely.

Privacy

We handle all personal data according to globally recognized privacy principles and applicable regulations, including GDPR and regional data protection laws, including California Consumer Privacy Act (CCPA). We maintain transparent privacy practices to inform users how their data is collected, used, and stored.

Our consent-based data processing ensures candidates maintain control over their personal information. Our Privacy Policy describes how we handle your information when you use our website, products, and/or services.

Jobma continuously monitors, reviews, and updates its security practices to align with evolving standards and customer expectations. If you'd like to review our latest SOC 2 Type II report, please contact our security team at privacy@jobma.com.