Internal Security Compliance Auditor

Oneleet•Beaverton, OR

1d•Remote

About The Position

Oneleet is one of the fastest-growing security and compliance platforms, on a mission to make cybersecurity and compliance effective, easy, and painless. They provide a platform that helps companies build, manage, and monitor their cybersecurity programs and achieve compliance standards such as SOC 2 and ISO 27001 efficiently. Having recently raised a $33 million Series A, Oneleet is rapidly growing in customers and employees, with a team possessing decades of experience in security and compliance. They are looking for passionate self-starters with a growth mindset, a bias for action, and personal accountability, who love solving hard problems, thrive in ambiguity, and want to make a real impact. They value rebels eager to disrupt the status quo, opinionated but collaborative builders, and clear communicators. The company's mission is to make effective cybersecurity painless, believing it should empower, not burden. The Internal Security Compliance Auditor plays a critical role in ensuring the quality and completeness of client evidence before they undergo formal external compliance audits. Working behind the scenes as part of the internal quality assurance team, this role partners with Security Program Managers to review controls documentation, validate evidence quality, and perform final pre-audit quality assurance checks across multiple compliance frameworks including SOC2, ISO27001, PCI, HIPAA, and GDPR. This position requires deep technical knowledge of compliance frameworks combined with meticulous attention to detail to strengthen clients' compliance posture and prepare them thoroughly for their audit processes, while maintaining Oneleet's high standards.

Requirements

Deep understanding of SOC2, ISO27001, PCI, HIPAA, and GDPR requirements
Strong technical knowledge of security controls and their implementation
Experience reviewing and evaluating evidence for compliance audits, particularly in preparing organizations for external audit processes
Excellent attention to detail and quality control mindset
Strong written communication skills for documenting findings
Ability to work independently while supporting multiple client engagements
Familiarity with compliance automation platforms and tools
Experience in pre-audit preparation and internal quality assurance, preferably with multiple frameworks

Nice To Haves

Certification in relevant frameworks (e.g., CISA, ISO 27001 Lead Auditor) preferred

Responsibilities

Perform thorough internal reviews of client-uploaded evidence for compliance frameworks including SOC2, ISO27001, PCI, HIPAA, and GDPR
Conduct detailed quality assurance checks on individual controls to verify completeness, accuracy, and sufficiency prior to their audits with third-party auditing firms.
Execute comprehensive final QA reviews prior to clients engaging with an external auditor.
Identify gaps or weaknesses in evidence documentation and recommend improvements
Develop and maintain internal QA standards and review methodologies
Create guidance documents to help clients improve evidence quality
Collaborate with Security Program Engineers to address compliance gaps
Stay current on evolving compliance requirements across multiple frameworks to ensure our pre-audit preparation meets industry standards
Track audit readiness metrics and identify opportunities for process improvement
Provide expert feedback to our product team for compliance platform enhancements to better support pre-audit readiness