Senior IT Auditor, Quality

About The Position

Requirements

• Bachelor’s degree from an accredited college or university, or equivalent professional experience
• 3–7 years of experience performing, reviewing, or managing IT audits, cybersecurity assessments, or risk assurance engagements, including areas such as: HITRUST assessments, SOC 1, SOC 2, ISO 27001, PCI audits or examinations, IT General Controls (ITGC) reviews, Information security audits, Risk and compliance assessments
• Prior experience working for a HITRUST External Assessor organization, public accounting firm, internal audit function, or information security assurance/compliance team
• Strong understanding of risk management principles and control testing methodologies
• Knowledge of information security and compliance frameworks such as HITRUST CSF, SOC 2, ISO 27001, NIST, HIPAA, or related control frameworks
• Proven ability to analyze complex assessment scenarios, evaluate supporting evidence, and apply professional judgment in a quality assurance or audit environment
• Strong written and verbal communication skills, including the ability to clearly explain technical and audit-related concepts to diverse audiences
• Excellent analytical, organizational, and critical thinking skills with exceptional attention to detail
• Ability to work independently while collaborating effectively across teams and with external stakeholders

Nice To Haves

• Demonstrated ability to leverage AI and automation tools to improve efficiency, productivity, and analytical capabilities
• History of writing blogs, thought leadership, educational material, LinkedIn posts, etc. on cybersecurity topics
• Experience designing reports in Domo, or other data analytics tools
• Knowledge of the criteria within the HITRUST Assessment Handbook
• Experience in executing, leading, and/or reviewing HITRUST Assessments.
• CISA, HCISPP, CISM, CIA, CISSP, CCSFP, CHQP or similar certification

Responsibilities

• Perform quality assurance reviews of HITRUST assessments to ensure compliance with HITRUST Assessment Handbook requirements, assessment methodologies, and certification standards.
• Review HITRUST assessment submissions and certification reports prior to issuance to validate completeness, accuracy, and consistency.
• Lead complex escalated quality reviews involving assessment performance concerns or disputed results.
• Provide guidance and subject matter expertise to External Assessors, Customers and other stakeholders regarding HITRUST assessment expectations, control evaluation approaches, and quality standards.
• Monitor active certifications for adherence to HITRUST criteria.
• Investigate actual or suspected control failures or breaches impacting HITRUST certification status.
• Support thought leadership initiatives by contributing to articles, guidance, and educational content related to cybersecurity assurance, risk management, compliance, and HITRUST assessments.
• Develop and review reporting and metrics related to assessment quality, certification integrity, assessor performance, and program effectiveness.
• Collaborate with internal teams including Assurance, Standards, Information Security, Legal, HR, and Product to support organizational quality initiatives and continuous improvement efforts.

Benefits

• HITRUST is an equal opportunity employer that is committed to diversity and inclusion in the workplace.
• We prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.