Information Security Auditor (100% Remote)

Please send updated resumes directly to jason.tompkins@yoh.com
Jason Tompkins, Recruiter, Yoh SPG
https://www.linkedin.com/in/jatompkins/


No 3rd Parties
The employer will not be sponsoring visa applicants for this position


Position Overview: The Information Security Auditor ensures compliance with security regulations, standards, and internal policies. This role identifies areas for improvement and collaborates with teams to implement corrective actions.
Key Responsibilities:

• Implement security controls to ensure compliance (e.g., SOC2, GDPR, FERPA, COPPA).
• Analyze security measures to identify weaknesses.
• Collaborate with teams to address compliance issues.
• Develop and implement security policies and procedures.
• Recommend risk mitigation and control enhancements.
• Prepare reports on audit findings and compliance status.
• Develop training materials on compliance requirements.
• Support risk management by identifying and mitigating security risks.

Required Qualifications:

• Bachelor's degree in Computer Science or related field, or equivalent work experience.
• Experience with major compliance projects, especially SOC2 Type II.
• Background in risk assessment, audit, and security assessments.
• Strong understanding of industry standards and risk assessment.
• Excellent communication skills, both technical and non-technical.
• Experience with AWS.

Specialized Knowledge and Skills:

• Preferred certifications: CISA, CISSP, PMP.
• Broad knowledge of system architecture and software applications.
• Experience with compliance regulations and security frameworks (e.g., SOC2, NIST CSF, GovRAMP, GDPR, FERPA, COPPA).
• Proficient with risk and control frameworks (e.g., CIS, COBIT, NIST SP 800-53, ISO 27001).
• Strong analytical and problem-solving skills.
• Ability to work independently and collaboratively.
• Excellent organizational and communication skills.

Additional Information:

• Working towards SOC2 Type I audit.
• Small security team with support from broader technology teams.
• Using GRC tool (Drata) and AzureDevOps for work management.
• Ideal candidate has experience achieving and maintaining SOC2 compliance and can communicate effectively with both technical and non-technical teams.
  

 

Estimated Min Rate: $50.00
Estimated Max Rate: $60.00

Note: Any pay ranges displayed are estimations.  Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description.  All qualified applicants are welcome to apply.

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process.

For California applicants, qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.  All of the material job duties described in this posting are job duties for which a criminal history may have a direct, adverse, and negative relationship potentially resulting in the withdrawal of a conditional offer of employment.