IT Security, Risk, and Compliance Auditor

1 Month ago • 3 Years + • Cyber Security

Job Summary

Job Description

The IT Security, Risk, and Compliance Auditor at Coupa is crucial for assessing and enhancing the organization's security controls, managing risks, and ensuring compliance with various frameworks. The role involves conducting technical audits, implementing automated control testing, identifying gaps, and improving compliance processes to enhance operational efficiency and minimize risk. The candidate is expected to work across IT, security, and business units to evaluate security measures, improve control design, and meet industry standards.
Must have:
  • 3+ years in IT security auditing, risk assessments, or compliance
  • Strong knowledge of security frameworks (e.g., ISO 27001, SOC 2, PCI DSS)
  • Experience with GRC platforms and compliance automation tools
  • Bachelor’s degree in IT, Cybersecurity, or related field (or equivalent experience)
  • Strong verbal and written communication skills
Good to have:
  • CISA, CISSP, CRISC, CISM, ISO 27001 Lead Auditor certifications

Job Details

Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins.

Why join Coupa?

🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend.
🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence.
🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other. 

Learn more on the Life at Coupa blog and hear from our employees about their experiences working at Coupa.

The Impact of an IT Security, Risk, and Compliance Auditor at Coupa:

The IT Security, Risk, and Compliance Auditor plays a critical role in evaluating, strengthening, and automating the organization’s security controls, risk posture, and compliance frameworks. This position is responsible for conducting technical security audits, implementing automated control testing, identifying gaps, and enhancing compliance processes to drive operational efficiency and risk reduction.

The ideal candidate has a technical background in security and compliance auditing with a strong understanding of control automation, evidence collection automation, and continuous compliance monitoring. They will work cross-functionally with IT, security, and business units to evaluate the effectiveness of security measures, improve control design, and ensure the organization meets regulatory and industry standards.

This role requires proficiency in security frameworks such as ISO 27001, SOC 2, PCI DSS, HIPAA, SWIFT, TISAX, C5, PIMS, NIST CSF, and FedRAMP, as well as expertise in automation tools, GRC platforms, and evidence collection technologies.

What You'll Do:

    • Conduct Technical Audits & Risk Assessments: Perform in-depth security audits and risk-based assessments of infrastructure, applications, and cloud environments to evaluate compliance with standards like ISO 27001, SOC 2, PCI DSS, GDPR, and HIPAA.
    • Leverage Automation & Tools: Utilize automated control testing, evidence collection, and real-time compliance tracking via GRC platforms and security tools (e.g., SIEM, IAM, vulnerability management).
    • Evaluate & Improve Security Controls: Assess and validate security configurations, access management, encryption, and vulnerability management, providing risk-based recommendations and supporting mitigation efforts.
    • Reporting & Stakeholder Engagement: Produce detailed audit reports, dashboards, and presentations for technical and executive audiences, tracking remediation and ensuring audit follow-ups are completed.
    • Cross-Functional Collaboration & Advisory: Partner with IT, security, and business teams to integrate audit findings into strategy, advise on best practices, and support continuous improvement in control automation and compliance posture.

What You Will Bring to Coupa:

    • Education & Experience: Bachelor’s degree in IT, Cybersecurity, or related field (or equivalent experience) with 3+ years in IT security auditing, technical risk assessments, or compliance.
    • Technical & Framework Expertise: Strong knowledge of security frameworks (e.g., ISO 27001, SOC 2, PCI DSS, NIST CSF, HIPAA, FedRAMP) and understanding of IT systems, cloud security, encryption, and access management.
    • Tools & Automation: Experience with GRC platforms, compliance automation, control testing tools, evidence collection systems, and familiarity with audit/security tools (e.g., AuditBoard, Drata, Splunk, Qualys, AWS Security Hub).
    • Certifications (Preferred): CISA, CISSP, CRISC, CISM, ISO 27001 Lead Auditor, or equivalent credentials.
    • Communication & Analytical Skills: Strong verbal and written communication skills, with the ability to translate findings into actionable security recommendations and engage effectively with stakeholders.

Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees. 

Please be advised that inquiries or resumes from recruiters will not be accepted.

By submitting your application, you acknowledge that you have read Coupa’s Privacy Policy and understand that Coupa receives/collects your application, including your personal data, for the purposes of managing Coupa's ongoing recruitment and placement activities, including for employment purposes in the event of a successful application and for notification of future job opportunities if you did not succeed the first time. You will find more details about how your application is processed, the purposes of processing, and how long we retain your application in our Privacy Policy.
