Cyber Audit & Compliance Associate

About The Position

Requirements

• Bachelor’s degree in Business, Information Systems, Information Security, or a related field.
• 2+ years of experience in IT audit, cyber risk, or compliance.
• Hands‑on experience with GRC platforms (e.g., ServiceNow IRM, AuditBoard).
• Strong understanding of Cyber and IT Controls frameworks, including SOX, SOC, PCI DSS, ISO 27001, NIS2, and NIST CSF.
• Proven experience supporting or leading audit activities, including evidence collection and auditor coordination.
• Strong organizational and project management skills with the ability to manage multiple audits and competing deadlines.
• Excellent written and verbal communication skills, including translating technical concepts for non‑technical stakeholders.

Nice To Haves

• Professional certifications such as CISA, CC, or CISSP are preferred but not required.

Responsibilities

• Coordinate and support IT audit and attestation engagements across the enterprise, including internal audits, external audits, and regulatory assessments.
• Prepare, collect, validate, and organize audit evidence to support IT controls and compliance requirements.
• Partner with control owners and business stakeholders to ensure audit readiness, including walkthroughs, evidence preparation, and timeline planning.
• Serve as a primary liaison with external auditors and Compliance teams, tracking requests, deliverables, and audit milestones.
• Track and support remediation of audit findings, control gaps, and management action plans.
• Maintain accurate documentation of controls, audit artifacts, and testing results within GRC tools (e.g., ServiceNow IRM).
• Provide regular reporting on audit progress, open issues, risks, and compliance posture to management.
• Monitor evolving regulatory requirements, industry standards, and IT control frameworks to assess organizational impact.
• Support continuous improvement efforts to enhance audit processes, control effectiveness, and compliance maturity.