Information Security Auditor

SecurityPal, Inc.

San Francisco, CA

TITLE:   Information Security Auditor

DUTIES: 

Lead a team that provides comprehensive vendor assessments to evaluate security risks and compliance with standards and regulations; Serve as the main point of contact for clients, ensuring clear communication, understanding of requirements, and satisfaction with services provided; Develop and implement assessment methodologies tailored to client needs and industry best practices; Collaborate with clients to identify their security needs and customize assessment approaches accordingly; and Analyze assessment findings and provide strategic security recommendations to clients to mitigate risks effectively; Generate detailed assessment reports outlining findings, risk levels, and recommendations for remediation. Present findings to clients in a clear, concise, and actionable manner; Foster strong client relationships by proactively addressing concerns, anticipating needs, and providing exceptional service. Act as a trusted advisor on security matters; Collaborate with clients during security incidents to provide technical guidance and support incident response efforts; Perform comprehensive risk assessments beyond vendor assessments, such as enterprise-wide risk assessments, to identify and prioritize risks across different business units or systems; Collaborate with other teams within the organization (e.g., IT, legal, compliance) on security-related initiatives such as policy development, security awareness programs, or incident response exercises; and Conduct readiness assessments for ISO, SOC 2, Fedramp Compliance, evaluating current processes, controls, and documentation to identify gaps and areas needing improvement to achieve compliance and certification. **Telecommuting Allowed for this position**

Minimum Requirements: Master’s Degree in Cyber Security and Information Assurance or a substantially related field; thirty (30) months of Work experience in a Cyber Security role; Experience conducting Information Security (IS) Audits compliant with ISO 27001:2013 and SOC 2 Type 2 standards. Telecommuting Allowed for this position.

SALARY:  $166,000-$170,000 per year, depending upon experience

HOURS:    9:00 A.M. - 6:00 P.M