Information Security Auditor

April 8

ForgeRock

WebsiteLinkedInAll Job Openings

ForgeRock®, the leader in digital identity, delivers modern and comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world$1. .$1

Identity Software Platform • AM - Access Management, Federation, SSO • DJ - Directory Software • IDM - Identity Lifecycle Provisioning • IG - Identity Gateway

501 - 1000

💰 $93.5M Series E on 2020-04

Description

• Manage the internal audit program, including conducting audits, validating controls, working with control owners to understand the controls, tracking remediation, and taking a continuous improvement approach to automating evidence collection and controls testing. • Focus on improving audit efficiency, including opportunities to automate evidence collection and/or validation. • Support external audits, including customer audits.

Requirements

• 3+ years of experience with external and/or internal audits against industry standard frameworks, such as ISO 27001 and SOC 2 • Understanding of effective security controls at the systems, network, and application level and how to apply with cloud-based services. • Experience auditing AWS, GCP, or Azure. • Experience auditing both cloud services and on-prem software solutions. • Understanding of common security domains and methods of auditing them, including security operations, network security, systems administration, SDLC, encryption, resilience, response and recovery, asset management, identity and access management, and vulnerability management. • Experience streamlining evidence requirements to reduce audit impact. • Knowledge of industry standard control frameworks and guidelines. • Experience applying risk management principles to security organizations.

Benefits

• Generous PTO & Holiday Schedule • Parental Leave • Progressive Healthcare Options • Retirement Programs • Opportunity for Education Reimbursement