6sense helps B2B marketing and sales organizations fully understand the complex ABM buyer journey. By combining intent signals from every channel with the industry’s most advanced AI predictive capabilities, it is finally possible to predict account demand and optimize demand generation in an ABM world. Equipped with the power of AI and the 6sense Demand Platform™, marketing and sales professionals can uncover, accelerate, and capture buyer demand to drive more revenue.
Come join a growing security team that is driven to design and improve platform security through innovation, automation, and excellence. This position will handle complex duties in the areas of security governance, risk management, and compliance. You will be assessing the adequacy of the security and controls for applications and cloud infrastructure throughout the organization. The Security Auditor will conduct risk-based IT, operational, and compliance assessments across the audit life-cycle: planning, risk assessment, coordination, data analysis, evaluation of design and control effectiveness, work documentation, reporting, and remediation validation.
In order to support such obligations, yet not impede engineering progress, Security Auditors are charged with making security procedures scalable, easy to use, and automated. If identifying security issues, leading the security compliance initiatives and articulating these to customers and auditors sounds like a day of fun, then this is the role for you.
- Maintain Vendor Risk Management program, including interfacing with internal stakeholders and vendor security teams.
- Conduct IT audits and provide technical audit advice relating to systems/operations development, design and controls; systems security; change/project management; business process improvement; complex integrated systems; and disaster recovery.
- Respond to customer questions related to areas of the Cyber Security program and controls
- Maintain standard security assessment questionnaires, such as CSA CAIQ, Vendor Security Alliance or SIG.
- Provide IT audit evidence to external auditors as required to meet compliance requirements
- Provide internal audit function for managing risk and controls for new and existing systems, applications, and processes.
- Execute audit fieldwork using a risk-based approach to help ensure effective testing coverage and identify control gaps and other areas of risk exposure related to controls within IT processes.
- Assess the design and development of security solutions, their adherence to applicable policies, and their compliance with information security requirements.
- Assist management in managing risk throughout all operations by identifying and assessing risk and participating in the development of Annual Compliance Audits and planning to address significant risk across the organization.
- Design and deliver achievable, meaningful recommendations to management to mitigate identified risk; include strengthening controls, improving efficiency and effectiveness of operations, enhancing performance, and controlling costs.
- Develop and conduct detailed audit programs using statistical sampling and/or computer assisted audit techniques. Document procedures used to validate that audited areas are effectively reviewed.
- Stay abreast of current and emerging security risks
- Understand existing processes and reference recognized standards and frameworks and improve processes where necessary.
- Certified Information Systems Auditor (CISA), PCI QSA, CISM, CISSP, or other relevant industry recognized certification
- Drive Technology Risk Management and / or IT Audit function in enterprise organizations
- 3 years of related experience in executing Information Systems audits, including Application, Platform or General IT Controls; or conducting information security assessments or implementing information security controls. Deep insight into best practice standards and frameworks, such as SOC2, PCI, COBIT, NIST, ITIL, and ISO 27001.
- In-depth understanding of network and system security technology and practices across major computing areas.
- 3+ years of experience on an internal security or audit team
- Strong communication skills, ability to explain technical security concepts to a range of audiences
- BA/BS degree in Business, Computer Science, Management Information Systems or related field, or equivalent practical experience.
- Familiarity with security and privacy frameworks and regulations (e.g. GDPR, CCPA, HITRUST, HIPAA)