Information Security Auditor

SecurityPal, Inc. San Francisco, CA TITLE: Information Security Auditor DUTIES: Lead a team that provides comprehensive vendor assessments to evaluate security risks and compliance with standards and regulations; Serve as the main point of contact for clients, ensuring clear communication, understanding of requirements, and satisfaction with services provided; Develop and implement assessment methodologies tailored to client needs and industry best practices; Collaborate with clients to identify their security needs and customize assessment approaches accordingly; and Analyze assessment findings and provide strategic security recommendations to clients to mitigate risks effectively; Generate detailed assessment reports outlining findings, risk levels, and recommendations for remediation. Present findings to clients in a clear, concise, and actionable manner; Foster strong client relationships by proactively addressing concerns, anticipating needs, and providing exceptional service. Act as a trusted advisor on security matters; Collaborate with clients during security incidents to provide technical guidance and support incident response efforts; Perform comprehensive risk assessments beyond vendor assessments, such as enterprise-wide risk assessments, to identify and prioritize risks across different business units or systems; Collaborate with other teams within the organization (e.g., IT, legal, compliance) on security-related initiatives such as policy development, security awareness programs, or incident response exercises; and Conduct readiness assessments for ISO, SOC 2, Fedramp Compliance, evaluating current processes, controls, and documentation to identify gaps and areas needing improvement to achieve compliance and certification.

Telecommuting Allowed for this position

Minimum Requirements: Master’s Degree in Cyber Security and Information Assurance or a substantially related field; thirty (30) months of Work experience in a Cyber Security role; Experience conducting Information Security (IS) Audits compliant with ISO 27001:2013 and SOC 2 Type 2 standards. Telecommuting Allowed for this position. SALARY: $166,000-$170,000 per year, depending upon experience HOURS: 9:00 A.M. - 6:00 P.M Apply To This Job