Mid-Level Security Auditor
Role details
Job location
Tech stack
Job description
As a Mid-Level Security Auditor, you will play a key role in our Security Audit function, executing audits across cloud, on-premise, SaaS, and software development environments. You will independently conduct meaningful sections of audit engagements, collaborate with control owners and other stakeholders, and help ensure our compliance with major industry frameworks (NIST CSF 2.0, NIST 800-53, PCI DSS, FTC Safeguards Rule)., * Execute assigned audit procedures across AWS, on-premise, and other platforms, including control testing, documentation, and analysis of system configurations, access reviews, change tickets, and vulnerability scans
- Conduct walkthroughs and interviews with control owners to understand processes, document control environments, and identify potential gaps
- Draft clear, organized working papers and preliminary audit findings, including observation, risk, recommendations, and supporting evidence
- Support both internal (NIST CSF 2.0 maturity assessments, control evaluations) and external (PCI DSS, regulatory) audits by gathering evidence, coordinating with stakeholders, and tracking remediation of findings
- Continue to develop expertise in cloud security, SDLC controls, and compliance frameworks while effectively managing multiple audit workstreams
Requirements
Do you have experience in SaaS platforms?, * 3-7 years of experience in security audit, IT audit, cybersecurity operations, or a related technical role
- Working knowledge of at least one major control framework (NIST CSF, NIST SP 800-53, PCI DSS, ISO 27001, or SOC 2); interest in deepening expertise in core company frameworks
- Practical experience with cloud environments (AWS preferred) and core control areas (IAM, logging, encryption, network segmentation, configuration management)
- Familiarity with identity platforms (Okta or similar), source code management (GitHub), and mainstream SaaS applications
- Strong skills in written communication, organization, and attention to detail
- Progress toward or completion of a relevant certification (CISA, Security+, CCSP, AWS Certified Security, etc.) is preferred
- Collaborative, professional approach and a desire to grow into a Senior Security Auditor role
Benefits & conditions
Pulled from the full job description
- Referral program
- Professional development assistance
- Parental leave
- 401(k)
- Health insurance
- 401(k) matching
- Paid time off, * 401(k)
- 401(k) matching
- Dental insurance
- Flexible schedule
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Parental leave
- Professional development assistance
- Referral program
- Vision insurance