Senior Information Security Internal Auditor
Posted 2026-05-06
Remote, USA
Full-time
Immediate Start
- Job Description:
- Own and evolve the internal audit program aligned to FedRAMP Moderate and related frameworks
- Maintain and enhance the Information Security and Privacy Framework, including policies and standards
- Conduct NIST 800-53 assessments and provide actionable recommendations based on FedRAMP controls and best practices
- Lead monthly FedRAMP Continuous Monitoring (ConMon) activities and submissions
- Partner with engineering and operations teams to deliver compliance requirements and meet key milestones
- Act as a key liaison with external auditors, clearly articulating control implementation in a cloud environment
- Support certification initiatives (FedRAMP and others) and drive compliance strategy
- Manage audit documentation, evidence, and reporting within a GRC system
- Develop audit plans, reports, and continuous monitoring approaches
- Support and facilitate internal and external audits
- Requirements:
- Experience with FedRAMP, NIST 800-53, FISMA, or similar compliance frameworks
- Strong understanding of FedRAMP reporting and information collection processes
- Experience producing metrics, reports, and compliance insights
- 3+ years in security, compliance, or audit within a technical environment
- Hands-on experience supporting major compliance frameworks (e.g. FedRAMP, SOC 2, ISO 27001, BSI C5)
- Solid knowledge of information security policies and best practices
- Strong communication skills with the ability to influence stakeholders
- Proactive, detail-oriented, and highly organized
- Benefits:
- healthcare
- dental
- parental planning
- mental health benefits
- disability income benefits
- life and AD&D insurance
- a 401(k) plan and match
- paid time off
- fitness reimbursements