Internal Security Auditor
Boston, MA /
Technology – Security & Compliance /
Full time, Remote-optional
Join the Security team at Posh as a Security Compliance Analyst and gain valuable insight and experience with protecting high scale cloud services. In this newly created role, you will be an integral part of a team that designs, builds and deploys solutions to protect our SaaS platform and its customers against advanced adversaries.
- Participate in planning, scheduling, and preliminary analysis for internal and external audit projects
- Coordinate audit activities including notification and scheduling for all affected parties of audit timing, scope, objectives, approach, and deliverables
- Work closely with external auditors and internal audit teams on managing and supporting the audits
- Identify, document, and map technology processes and internal controls of applicable technology infrastructure and operational areas per the scope of the audit project
- Perform risk assessments of technology infrastructure and operational processes and controls for assigned areas
- Complete audit testing, inquiry, observation and other analysis required to meet objectives of audit projects
- Assist in the development of the company's security program, policies, and standards
- Keep existing policies and procedures aligned with audit and security requirements
- Request and review vendors auditing documentation to ensure alignment with our Operations team.
- Respond to internal and external compliance inquiries
- Demonstrate understanding and experience with the implementation and management of SOC-2 Type II, GLBA, CSA STAR Level 2, GDPR, PCI DSS and ISO 27001 controls.
- Demonstrate experience understanding and using security tools (SIEM, Vulnerability Management, MFA, IAM and AV/Anti-Malware). Management of a SIEM platform is required.
- Bachelor’s degree in Information Systems preferred (otherwise Engineering and/or Business) and/or at least 5 years professional working experience
- Experience in internal or external audit in the IT risk and compliance space
- Understanding or interest in cloud industry technologies and IaaS, PaaS, SaaS platforms
- Ability to quickly acquire and apply knowledge of changing technologies
- Good understanding of audit process/methodology, and risk management/advisory
- Ability to adapt to a changing environment, meet deadlines and handle multiple projects
- Experience and/or familiarity with using a risk-based audit approach in evaluations of and recommendations for management processes
- Ability to present audit findings and recommendations in a manner that will be understood and accepted by all responsible parties
- Possess the tenacity to pursue difficult and sensitive issues to an acceptable conclusion
- Excellent analytical and organizational skills, and a team player
- This is a customer-facing position, and the candidate should demonstrate strong interpersonal skills.
- CCSK or CCAK would be desirable.
We’re on a mission to power a billion helpful banking moments, and we’re using cutting-edge conversational AI to do it. Our platform powers digital assistants like Citadel’s Adel, TruWest’s Trudy, Salem Five’s Sally, and dozens more. We arm any financial institution with the capability to provide an exceptional, conversational customer experience regardless of their assets under management or the communities they serve.
This is an incredibly exciting time to consider joining Posh. In November 2021, we closed a $31mm Series A venture round that will allow us to continue investing in our product and people. In 2022, we doubled our team size from 35 to 70, and we increased our customer base by four times. We have big goals, and we’re looking for people to help us achieve them.
Why we're a great place to join
- We value growth. We want you to be smarter and more capable than the day you joined. To that end, we celebrate regular “growth days” for you to learn what you want.
- We’re building this together. We’ve designed our teams to be cross-functional, and we know a diversity of perspectives is required for success.
- We value you. We offer competitive compensation (cash and equity), benefits, and employee perks.
- Our technology is cutting-edge. We ship fast and always look for opportunities to improve our product.
- Our customers love our products. It’s the reason we’re growing, and the inspiration for new product ideas.
- We make mistakes. Building a company is hard, and we don’t get everything right every time.