Internal Security Auditor II

2 Months ago • 2-8 Years • Auditing

Job Summary

Job Description

The Internal Security Auditor is responsible for maintaining and enhancing Contentstack’s security posture by conducting audits and assessments. They will oversee SOC2 and ISO27001 compliance, monitor internal controls, evaluate technical evidence, plan and execute audits, prepare reports, communicate with stakeholders, and recommend improvements. They will also manage customer audits and utilize GRC tools. This role requires strong analytical skills and the ability to translate technical information into actionable recommendations.
Must have:
  • 2+ years of experience in information security auditing and compliance
  • Experience working on SOC2 and ISO27001 audits
  • Understanding of information security principles and technologies
  • Excellent analytical and problem-solving skills
  • Strong attention to detail and organizational abilities
  • Excellent written and verbal communication skills
  • Ability to work independently and as part of a team
  • Understanding the SaaS business model and software development approach
  • Familiarity with one of the major cloud providers
Good to have:
  • Experience with GRC tools (e.g. Carbide, Drata, Vanta)
  • Relevant certifications (CISA, IIA CIA)
Perks:
  • Interesting Work
  • Tribe Vibe
  • Bragging Rights
  • One Team One Dream

Job Details

What is Contentstack?

Contentstack is on a mission to deliver the world’s best digital experiences through a fusion of cutting-edge content management, customer data, personalization and AI technology. Iconic brands, such as AirFrance KLM, ASICS, Burberry, Mattel, Mitsubishi and Walmart, depend on the platform to rise above the noise in today's crowded digital markets and gain their competitive edge.

Contentstack and its employees are dedicated to the customers and communities they serve. The company is recognized for its unmatched customer care and tradition of giving back globally through the Contentstack Cares program, including proud support of Pledge 1% and Girls Who Code.

 Learn more at www.contentstack.com.

Who Are We?

At Contentstack we are more than colleagues, we are a tribe. Our vision is to pursue equity among our communities, employees, partners, and customers. We are global-diverse yet close; distributed yet connected. We are dreamers and dreammakers who challenge the status quo. We do the right thing, even when no one is watching. We are curious trendspotters and brave trendsetters. Our mission is to make Contentstack indispensable for organizations to tell their stories and to connect with the people they care about through inspiring, modern experiences. We care deeply about our customers and the communities we serve. #OneTeamOneDream. Chalo, let’s go!

What Are We Looking For?

Contentstack is looking for an Internal Security Auditor.

Overview:

The Internal Security Auditor is responsible for maintaining and enhancing Contentstack’s security posture by conducting comprehensive audits and assessments. This role requires an understanding of security and control frameworks, such as SOC2, and ISO27001, their effective implementation, and the ability to translate complex technical information into actionable recommendations. The ideal candidate will be a strategic thinker with strong analytical skills and a proven track record in identifying and mitigating security risks.

Responsibilities:

  • SOC2 and ISO27001 Compliance: Oversee the ongoing maintenance of SOC2 and ISO27001 certifications. Coordinate external audits and assessments to ensure compliance with relevant standards and regulations.
  • Internal Control Effectiveness: Monitor and evaluate the effectiveness of internal controls related to information security. Identify control gaps and recommend enhancements to strengthen the overall security posture.
  • Technical Evaluation: Possess the ability to evaluate technical evidence provided by internal teams, ensuring it aligns with audit objectives and industry standards.
  • Audit Planning and Execution: Develop and execute audit plans, including defining objectives, scope, and methodology. 
  • Report Writing and Communication: Prepare clear and concise audit reports, summarizing findings, recommendations, and action plans. Communicate effectively with both technical and non-technical stakeholders.
  • Continuous Improvement: Stay up-to-date on industry best practices, emerging threats, and regulatory changes. Recommend process improvements to enhance audit efficiency and effectiveness.
  • Customer Audits: When necessary, manage and coordinate customer audits, providing necessary documentation and support. Collaborate with cross-functional teams to address audit findings and implement corrective actions.
  • GRC Tool Utilization: Leverage GRC tools to manage audit workflows, evidence collection, and reporting.

Qualifications:

  • Minimum of 2 years of experience in information security auditing and compliance.
  • Proven experience in a team working on SOC2 and ISO27001 audits.
  • Strong understanding of information security principles, practices, and technologies.
  • Excellent analytical and problem-solving skills.
  • Strong attention to detail and organizational abilities.
  • Excellent written and verbal communication skills.
  • Ability to work independently and as part of a team.
  • Understanding the SaaS business model and software development approach.
  • Familiarity with one of the major cloud providers (AWS, Azure, GCP)
  • Experience with GRC tools (e.g. Carbide, Drata, Vanta)
  • Relevant certifications (CISA, IIA CIA) are a plus.

Experience: 2-8 years

Location: Pune/Mumbai/Bangalore

 

What Do We Offer?

Interesting Work | We hire curious trendspotters and brave trendsetters. This is NOT your boring, routine, cushy, rest-and-vest corporate job. This is the “challenge yourself” role where you learn something new every day, never stop growing, and have fun while you’re doing it. 

Tribe Vibe | We are more than colleagues, we are a tribe. We have a strict “no a**hole policy” and enforce it diligently. This means we spend time together - with spontaneous office happy hours, organized outings, and community volunteer opportunities. We are a diverse and distributed team, but we like to stay connected.

Bragging Rights | We are dreamers and dream makers. Our efforts pay off and we work with the most prestigious brands, from big-name retailers to airlines, to professional sports teams. Your contribution will make an impact with many of the most recognizable names in almost every industry including AirFrance KLM, ASICS, Burberry, Mattel, Mitsubishi, Walmart, and many more!

One Team One Dream | This is one of our values, and it shows. We don’t believe in artificial hierarchies. If you’re part of the tribe, you have an opportunity to contribute. Your voice will be heard and you will also receive regular updates about the business and its performance. Which, btw, is through the roof, so it’s a great time to be joining…

 

To review our Privacy Policy, please click here.

Similar Jobs

Imagine.io - Head - Customer Success

Imagine.io

Texas, United States (Hybrid)
3 Months ago
Imanage - Channel Partner Marketing Manager

Imanage

London, England, United Kingdom (Remote)
2 Months ago
Globalization Partners - AI Intern

Globalization Partners

United Kingdom (Remote)
1 Month ago
attentive - Principal Product Manager, Reporting

attentive

United States (Remote)
2 Months ago
Dialpad AI - Sales Specialist, VSB

Dialpad AI

Pasig, Metro Manila, Philippines (Remote)
2 Months ago
PwC - Senior Associate - Audit and Assurance

PwC

Bucharest, Bucharest, Romania (On-Site)
9 Months ago
PwC - Senior Associate  - Internal Audit

PwC

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
8 Months ago
PwC - IN-Associate Internal Audit

PwC

Gurugram, India (On-Site)
1 Month ago
PwC - Developing Senior Auditor

PwC

Bucharest, Bucharest, Romania (Hybrid)
3 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

bytedance - Innovation Tech Solution Sales (Cloud), BytePlus - Indonesia

bytedance

Jakarta, Jakarta, Indonesia (On-Site)
8 Months ago
NCR Voyix - Accounts Payable Specialist

NCR Voyix

Cebu City, Central Visayas, Philippines (On-Site)
1 Month ago
Saama - Statistical Programmer – L2

Saama

Coimbatore, Tamil Nadu, India (On-Site)
1 Month ago
USE Insider - Solutions Architect - Korea

USE Insider

Seoul, South Korea (Hybrid)
8 Months ago
Glean - Sales Development Representative

Glean

Nashville, Tennessee, United States (Hybrid)
1 Month ago
Coupa - Change Management Consultant

Coupa

Bogota, Colombia (Hybrid)
4 Weeks ago
Ion - Cloud Engineer Kubernetes

Ion

Rome, Lazio, Italy (Hybrid)
9 Months ago
Axonius - BI Manager

Axonius

Tel Aviv-Yafo, Tel Aviv District, Israel (Hybrid)
1 Month ago
Stibo Systems - Director, Head of Data, BI & Applications

Stibo Systems

Aarhus, Denmark (Hybrid)
3 Weeks ago
DevRev - Account Executive - Enterprise (NorCal, WA, TX)

DevRev

United States (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Mumbai, Maharashtra, India

GlobalStep - Vice President – Marketing

GlobalStep

Pune, Maharashtra, India (On-Site)
1 Month ago
luxsoft - Avaloq Software Engineer (Data)

luxsoft

Bengaluru, Karnataka, India (On-Site)
2 Months ago
FICO - Demand Generation Manager

FICO

Bengaluru, Karnataka, India (On-Site)
1 Month ago
HCL Tech - Technical Specialist

HCL Tech

Pune, Maharashtra, India (On-Site)
1 Month ago
Cadence - Principal Software Engineer

Cadence

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Aeries technology - Sr. DevOps Engineer

Aeries technology

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Cloud Software Group - Lead Product Security Engineer

Cloud Software Group

Bengaluru, Karnataka, India (On-Site)
8 Months ago
GoTo Group - Site Reliability Engineer - EP (SE4)

GoTo Group

Gurugram, Haryana, India (On-Site)
8 Months ago
Fi - Digital Marketing

Fi

Bengaluru, Karnataka, India (On-Site)
1 Year ago
PwC - IN-Senior Associate _SAP  MM/PTP_Enterprise Apps - SAP_Advisory_Gurgaon

PwC

Gurugram, Haryana, India (On-Site)
9 Months ago

Get notifed when new similar jobs are uploaded

Auditing Jobs

PwC - Senior IT Auditor with German

PwC

Bucharest, Bucharest, Romania (On-Site)
9 Months ago
Ubisoft - Internal IT Auditor

Ubisoft

Carentoir, Brittany, France (Hybrid)
6 Months ago
Palo Alto Networks - Internal Audit Manager - IT Risks and Controls

Palo Alto Networks

Santa Clara, California, United States (On-Site)
2 Months ago
nissan - Deputy Manager (Internal Audit)

nissan

Chennai, Tamil Nadu, India (On-Site)
3 Weeks ago
PwC - Audit Associate (AOS Pod 2)

PwC

Makati City, Metro Manila, Philippines (On-Site)
9 Months ago
FalconX - Audit Manager

FalconX

New York, New York, United States (On-Site)
2 Months ago
Ion - IT Internal Auditor, Italy

Ion

Italy (Hybrid)
9 Months ago
Ubisoft - Internal Controls IT Auditor

Ubisoft

Carentoir, Brittany, France (Hybrid)
2 Months ago
PwC - IN_Associate _ Internal Audit _Internal Audit Services_ Advisory_ Bangalore

PwC

Bengaluru, Karnataka, India (On-Site)
9 Months ago
PwC - Consultant Audit IT expérimenté

PwC

Casablanca, Casablanca-Settat, Morocco (On-Site)
9 Months ago

Get notifed when new similar jobs are uploaded

About The Company

We combine the spirit of a startup with the gravitas of an established business and experienced leadership team. Contentstack is an award-winning business, recognized by leading analysts and endorsed by Fortune 500.

Bengaluru, Karnataka, India (Hybrid)

Chennai, Tamil Nadu, India (Hybrid)

United States (Remote)

Chennai, Tamil Nadu, India (Hybrid)

Chennai, Tamil Nadu, India (Hybrid)

Pune, Maharashtra, India (Hybrid)

Central Sulawesi, Indonesia (Remote)

Chennai, Tamil Nadu, India (Hybrid)

View All Jobs

Get notified when new jobs are added by Contentstack