Red Cell Partners is hiring a
Audit Manager

Summary

Join Andesite as an Audit Manager to design, assess, and evaluate information security and compliance controls, policies, and procedures. As a key member of the Security & Compliance team, you will ensure our information assets meet rigorous third-party compliance requirements. You have a track record of successfully moving audits to successful closure.

Requirements

• 5+ years of audit experience, including time at a rapidly scaling startup
• Bachelor’s degree in computer science, Information Technology, or related field
• Must have a current CISA (certified information security auditor) or similar professional certification
• Expertise with regulations and standards, such as FedRAMP, SOC 2, CMMC, NIST, ISO, PCI, and HITRUST – preferably in SaaS
• Experience auditing security controls such as VPN, data loss prevention, IDS/IPS, firewalls, containers, and orchestration
• Familiarity with cloud computing and virtualization technologies
• Experience with governance, risk, and compliance (GRC) tools
• Experience working with and assessing vendors and suppliers
• Strong leadership and management skills
• Strong analytical and problem-solving skills
• Excellent communication and interpersonal skills
• Strong understanding of IT security principles and practices
• Excellent communication, collaboration, and reporting skills
• An ability to work under pressure with aggressive timelines in a fast-paced environment

Responsibilities

• Design and conduct detailed assessments and audits for FIPS and NIST 800-53 (Rev. 5), High category for FedRAMP High, and Trust Services Criteria for SOC 2
• Create and conduct quarterly internal audits to prepare for third-party and customer audits, focusing on security effectiveness and compliance requisites
• Identify security and other weaknesses in systems and networks and create strategies to capture and close non-conformities, working with control owners to prevent or limit security breaches and ensure our commitments are met
• Develop and implement security measures to protect computer systems and networks
• Collaborate cross-functionally across internal functions such as executives, product, engineering, and sales, with the ability to communicate complex technical topics
• Develop and maintain positive relationships with clients, third-party assessors, and providers to ensure effective communication, timelines, and reporting
• Stay current on the latest or impending revisions to third-party compliance, regulations, and the latest cybersecurity trends, threats, and technologies to ensure audit activities focus on the security posture remaining strong and compliant

Benefits

• Top-of-market competitive salary, bonus, and equity package
• 100% employer paid, comprehensive health insurance including medical, dental, and vision for you and your family
• Unlimited PTO, with your manager’s approval
• Flexible work environment where you manage your work day
• A remote-first environment, with occasional travel to collaborate with customers, your team, and teammates from across the company in person
• Home office reimbursement
• 14 weeks of fully-paid parental leave