Position Description
The Senior Security Auditor leads complex and high-risk security audits across our cybersecurity, cloud, and software development environments. As a key technical leader, you ensure our security controls are effective, provide audit expertise, and mentor junior team members, all while balancing independence and cross-department collaboration.
Responsibilities:
- Lead and execute end-to-end audits for AWS, on-premises, SDLC, IAM, and key SaaS platforms.
- Develop engagement scopes, audit programs, and translate security frameworks (NIST CSF 2.0, NIST 800-53, PCI DSS, FTC Safeguards) into test procedures.
- Assess controls through walkthroughs, configuration reviews, and log analysis; draft clear, actionable findings and remediation recommendations.
- Guide NIST CSF 2.0 maturity assessments and document gaps.
- Serve as audit liaison during external assessments, preparing evidence and managing requests.
- Mentor mid- and junior auditors in methodologies and standards.
- Track and validate remediation of findings.
- Contribute to team operations, process improvements, and automation efforts.
Requirements
- 8+ years' experience in security/IT audit or technical risk roles, leading audits independently.
- Deep knowledge of AWS cloud security and infrastructure-as-code.
- Strong understanding of NIST CSF 2.0, NIST 800-53, PCI DSS, and FTC Safeguards, with practical application experience.
- Experience auditing SDLC, code reviews, CI/CD, and vulnerability management.
- Proficiency with identity providers (e.g., Okta), SSO, and privileged access.
- Excellent written communication and ability to produce executive-level reports.
- Proven mentoring and leadership skills.
- Certifications (CISA, CISSP, CCSP, AWS Security Specialty, QSA) strongly preferred.
- Experience in regulated industries (automotive, industrial, etc.) is a plus.
- Able to maintain objectivity and strong working relationships with control owners.