Internal Security Compliance Auditor

Key Responsibilities

• Perform thorough internal reviews of client-uploaded evidence for compliance frameworks including SOC2, ISO27001, PCI, HIPAA, and GDPR
• Conduct detailed quality assurance checks on individual controls to verify completeness, accuracy, and sufficiency prior to their audits with third-party auditing firms
• Execute comprehensive final QA reviews prior to clients engaging with an external auditor
• Identify gaps or weaknesses in evidence documentation and recommend improvements
• Develop and maintain internal QA standards and review methodologies
• Create guidance documents to help clients improve evidence quality
• Collaborate with Security Program Engineers to address compliance gaps
• Stay current on evolving compliance requirements across multiple frameworks to ensure our pre-audit preparation meets industry standards
• Track audit readiness metrics and identify opportunities for process improvement
• Provide expert feedback to our product team for compliance platform enhancements to better support pre-audit readiness

Requirements

• Deep understanding of SOC2, ISO27001, PCI, HIPAA, and GDPR requirements
• Strong technical knowledge of security controls and their implementation
• Experience reviewing and evaluating evidence for compliance audits, particularly in preparing organizations for external audit processes
• Excellent attention to detail and quality control mindset
• Strong written communication skills for documenting findings
• Ability to work independently while supporting multiple client engagements
• Familiarity with compliance automation platforms and tools
• Experience in pre-audit preparation and internal quality assurance, preferably with multiple frameworks
• Certification in relevant frameworks (e.g., CISA, ISO 27001 Lead Auditor) preferred