Internal IT Auditor
Internal IT Auditor
Primary responsibility is to maintain the Company’s SOC 2 audit process which includes the automation of tasks through building report pipelines, creating evidence collection scripts, and working with the operations and development team to collect and organize evidence on compliance with security processes, follow up, and ongoing status reporting to the Chief Information Security Officer and Chief Compliance Officer.
The individual must be organized, methodical, and good at follow up to ensure all evidence is collected in a timely manner. The role is an active participant in the Company’s SOC 2 review with its auditors and is responsible for responding to inquiries and requests for additional information/documentation in a professional and courteous manner.
An ideal candidate is a computer savvy individual with an interest in audit. That candidate is able to build programs, systems, and / or tools to automate the collection of data and building of reports to facilitate the Company’s SOC 2 audit.
Additional responsibilities include coordinating the Company’s vendor management processes. Acting as the point person managing the process from requests to add a new or replace an existing vendor, to shepherding the request through the review process, to reporting back to the requestor on the approval or denial of the vendor. They are responsible for coordinating and following up with the annual review of our vendors.
General qualifications
- Minimum two years’ experience preparing for, participating in, and responding to inquiries for SOC 2 audits, ideally for financial technology companies
- Highly organized with superior attention to detail
- Good with follow up to ensure all information and documentation is provided in a timely manner
- Professional with the ability to effectively communicate with senior leadership
- Bachelor’s degree in a relevant field
- Well versed in Microsoft Office Suite
- A bonus is someone who has experience with global privacy and information security issues, rules, and regulations