Senior Internal IT Auditor
About The Position
The Senior Internal IT Auditor is responsible for planning, executing, and reporting on internal audits of the Information Security Management System (ISMS) to ensure compliance with ISO 27001 standards. This role supports continuous improvement of security controls and processes, identifies non-conformities, and collaborates with stakeholders to implement corrective actions. Starting base pay for this role is between $80,000 and $100,000. The actual base pay is dependent upon many factors, such as transferable skills, work experience, business needs, training, location, and market demands. The base pay range is subject to change and may be modified in the future. This role will be eligible for a bonus as well as competitive medical, dental, and vision benefits, wellness reimbursement, life insurance, and a 401(k) with company match. We offer vacation and sick leave benefits (under a flexible time off policy in most states).
Requirements
- Bachelor’s degree in Information Security, Risk Management, or related field.
- 3-5 years of experience in internal auditing or IT compliance (ISO 27001 preferred).
- Knowledge of ISMS principles, ISO 27001 controls, and audit methodologies.
- Strong analytical, documentation, and communication skills.
Nice To Haves
- Preferred certifications: CISA, ISO 27001 Lead Auditor, or similar.
- Experience with NIST 800-53 and SOC a plus.
Responsibilities
- Develop and maintain the ISMS internal audit schedule and plan.
- Conduct audits of ISMS policies, procedures, and implemented controls against ISO 27001 requirements.
- Collect and review evidence, perform interviews, and document observations.
- Prepare detailed audit reports highlighting findings, non-conformities, and opportunities for improvement.
- Communicate audit results to the Information Security Leader and ISMS Governance Council.
- Track corrective actions and verify remediation effectiveness.
- Ensure confidentiality and integrity of audit data and supporting evidence.
- Maintain audit records in accordance with documented information control policies.
- Support readiness for external audits and certification activities.
- Identify process gaps and recommend improvements to strengthen ISMS compliance.
- Stay current on ISO 27001 updates and related security standards.
Benefits
- Medical and Dental coverage available for employees, dependents, domestic partners, and spouses
- Paid Time Off – Flexible options plus 10 paid company holidays where available
- All full-time positions are hybrid, with many eligible to be completely remote
- Fully Paid by Origami Risk – Vision insurance, Short & Long-Term Disability Insurance, and Basic Life Insurance
- Generous family leave options—including adoption and foster care placements
- Pre-Tax Savings Accounts – Flexible Spending Account, Health Savings Account, Commuter Benefits, Dependent Care Savings Account
- Retirement Savings – 401(k) with company match up to 4%
- Employee Assistance Program (EAP) – Confidential & Free support offered to colleagues facing personal or work-related complications
- Education Assistance Program – to help colleagues pursue industry/role-specific certifications
- Wellness Benefits – reimbursement program to invest in healthy habits as well as support better colleague productivity and stress management
- Additional coverages available – Pet Insurance, Critical Illness Insurance, and Voluntary Life & AD&D coverage
- Flexible PTO not available in California or the UK
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
501-1,000 employees
