Mid-Level Security Auditor

As a Mid-Level Security Auditor, you will play a key role in our Security Audit function, executing audits across cloud, on-premise, SaaS, and software development environments. You will independently conduct meaningful sections of audit engagements, collaborate with control owners and other stakeholders, and help ensure our compliance with major industry frameworks (NIST CSF 2.0, NIST 800-53, PCI DSS, FTC Safeguards Rule).

Responsibilities:

• Execute assigned audit procedures across AWS, on-premise, and other platforms, including control testing, documentation, and analysis of system configurations, access reviews, change tickets, and vulnerability scans.

• Conduct walkthroughs and interviews with control owners to understand processes, document control environments, and identify potential gaps.

• Draft clear, organized working papers and preliminary audit findings, including observation, risk, recommendations, and supporting evidence.

• Support both internal (NIST CSF 2.0 maturity assessments, control evaluations) and external (PCI DSS, regulatory) audits by gathering evidence, coordinating with stakeholders, and tracking remediation of findings.

• Continue to develop expertise in cloud security, SDLC controls, and compliance frameworks while effectively managing multiple audit workstreams.

#LI-Remote