Information Security Auditor

Remote Full-time
Position Summary:

As an Information Security Auditor within the IS and Compliance team, you'll be responsible for safeguarding internal company data and client data through robust information security, compliance, and risk management programs. You'll manage the development, deployment, and execution of controls and defenses to ensure the security and compliance of our technology infrastructure and data assets. This role involves developing and executing security controls, defenses, and countermeasures to prevent attacks on email, data, e-commerce, and web-based systems, as well as administering policies to control access to systems.

Expected Duties:

-Audit Participation: Facilitate audit testing for SOC 2, PCI DSS, and develop and monitor controls, and assist with remediation guidance.

-Cloud & Systems Audits: Lead audits of cloud environments, information systems, and security tools to ensure adherence to frameworks, laws, and regulations.

-Security Assessments: Support comprehensive assessments of security controls to determine their effectiveness and ensure they meet security requirements.

-Stakeholder Guidance: Guide stakeholders on securing systems and liaise with auditors and compliance teams to implement compensating controls.

-Research & Best Practices: Research best practices and trends in information security, ensure execution of required testing, and lead remediation activities for successful security audits/certifications.

-Identify Weaknesses: Identify weaknesses in internal controls, provide guidance on improving security compliance processes, and partner with stakeholders to implement solutions.

-Policy Alignment: Ensure alignment with internal policies and external regulatory requirements, continuously identify process enhancements, and stay current on changing regulatory requirements and industry frameworks.

Qualifications: Knowledge, Skills, and Abilities

-Education & Experience: Bachelor's degree with 4-6 years of related experience or equivalent work experience.

-Audit Expertise: 3+ years of experience in external/internal audit roles managing and leading AICPA SOC 2, and PCI DSS.

-Framework Knowledge: Knowledge of industry frameworks and standards such as ISO/IEC 27001:2013, PCI DSS, NIST CSF, and NIST 800-53.

-Security Controls: Experience implementing and/or assessing IT security controls to meet security, compliance, and audit requirements.

-Certifications: Possess or be working towards professional security certifications such as CISA, CISSP, CRISC, CCSP, CISM, GIAC, QSA, or similar.

-Consensus Building: Expertise in building consensus across business partners and technology leaders, and influencing successful outcomes.

-Project Management: Strong project management and communication skills, including the ability to gather relevant data, work in a team environment, and manage conflict.

-Cloud Assessments: Experience assessing controls within multi-cloud environments and effectively communicating results to stakeholders.

-Control Documentation: Assist with documenting control objectives and procedures in areas such as cybersecurity, cloud security, governance and compliance, DevSecOps, data security and protection, incident response, enterprise security architecture, and technology risk management.

-Problem-Solving Skills: Strong business and technical aptitude and problem-solving skills.

-Continuous Learning: Enthusiasm to learn through structured, on-the-job, and self-directed training.

-Communication Skills: Ability to communicate security-related concepts to a broad range of technical and non-technical staff.

Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

**Experienced Remote Data Entry Clerk – Part-Time Opportunity with arenaflex**

Remote

[Work From Home] Legitimate Typing Work From Home Jobs

Remote

Experienced Technical Customer Success Engineer – Chrome Enterprise with blithequark: Remote Full-Time Opportunity for Customer Service and Software Implementation Experts

Remote

**Experienced Customer Service Representative – Live Chat Support (Remote / No Experience Required) at arenaflex**

Remote

[Remote] Sr./ Sales Manager, Sweet Protein

Remote

**Experienced Data Entry Clerk - Administrative Assistant (Remote) - Launch Your Career with arenaflex Today!**

Remote

Salesforce Solution Architect, Systems & Tools (Public Sector)

Remote

Oracle eBusiness Suite Software Developer

Remote

Experienced Personal Lines Customer Service Representative – Insurance Industry Expert

Remote

Experienced Class A CDL Local Truck Driver - Relocate to Fort Wayne, IN for a High-Paying, Home Daily Job with $5000 Relocation Bonus and Excellent Benefits

Remote
← Back