Internal Auditor II

About the Role:

As an Internal Auditor on our SecOps Team, you’ll play a vital role in supporting our customers’ ongoing audit readiness and continuous monitoring efforts. You’ll review security controls, evidence, and documentation to ensure alignment with industry standards and best practices.

In this role, you’ll primarily collaborate with internal team members across Governance, Security Consultants, Offensive Security, and other SecOps colleagues. You’ll also prepare clear, detailed written communications and reports for customers to keep them informed of audit progress, findings, and next steps.

Key Responsibilities:

  • Conduct internal audits of security controls and processes, verifying compliance with frameworks such as ISO 27001, SOC 2, and NIST CSF.
  • Review audit evidence, identify gaps, and coordinate remediation with internal stakeholders.
  • Maintain up-to-date records of audit findings, status, and corrective actions.
  • Work closely with Governance, Offensive Security, and other SecOps functions to align audit activities with the overall security program.
  • Prepare accurate, well-organized audit reports and status updates for customers, with a strong focus on clear, professional written communication.
  • Support audit readiness initiatives by validating control effectiveness ahead of customer external audits.
  • Contribute to improving internal audit procedures, evidence checklists, and tracking systems.
  • Participate in regular internal meetings to ensure audit tasks align with risk assessments and broader security operations goals.

Requirements:

  • ✅ 3-4 years’ experience as a GRC Analyst or Internal Auditor in information security, compliance, or risk management.
  • ✅ Familiarity with key security frameworks (ISO 27001, SOC 2, NIST CSF, etc.).
  • ✅ Strong understanding of internal controls, audit processes, and evidence management.
  • ✅ Excellent organizational skills and attention to detail — able to manage multiple customer audits at once.
  • ✅ Strong communication skills are mandatory, especially for producing clear, concise written reports for customers.
  • ✅ Proven ability to work well with internal stakeholders, across technical and non-technical teams.
  • ✅ Support US Eastern and Pacific time zones from 8 AM to 5 PM.

Nice to Have:

  • ➕ Relevant certifications such as ISO 27001 Internal Auditor, CISA, CISM, CISSP (Associate), or equivalent.
  • ➕ Experience supporting customers in regulated sectors (finance, healthcare, SaaS).
  • ➕ Familiarity with security auditing tools, GRC platforms, or evidence management software.

Why You’ll Love This Role:

  • ✅ You’ll play a critical part in helping our customers maintain a strong, audit-ready security posture.
  • ✅ Gain practical, hands-on experience with real-world frameworks and compliance processes.
  • ✅ Be part of a collaborative SecOps Team that values clear communication, trust, and continuous improvement.
