Sr. IT Risk & Controls Specialist at Auth0
Sorry, this job was removed at 11:03 a.m. (PST) on Wednesday, August 26, 2020
Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score.
Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.
We are a Security company and Auth0's Security & Compliance team is in the privileged position of supporting a security-first culture for a company that wants to make the internet safer.
We are seeking a Sr. IT Risk & Controls Specialist who can help execute a wide range of assessments and audits across the entire organization. This role will work closely with security and compliance leadership to strategize and scope assessments, identify key risk areas, and establish baseline control alignment for continued organizational growth and maturity.
In this role you will:
- Scope, conduct, and document a diverse range of internal assessments
- Support the Security & Compliance team in ensuring compliance with industry standards and privacy regulations
- Conduct third-party risk assessments and generate findings and recommendations
- Stay abreast of industry requirements for certifications relevant to Auth0’s business
- Draft policies and best practices that will be consumed by the entire organization
- Continually translate compliance requirements into relevant cloud-based security controls
- Maintain knowledge of certifications and controls such as NIST 800-53, IT SOX controls, SOC-2, HIPAA, PCI-DSS, ISO 27001 / ISO 27018, GDPR, HITRUST, FedRAMP
- Assist in kicking off quarterly user access reviews
- Evaluate vendors against compliance and security standards
- Interview internal resources and review process documentation to assess compliance with established controls and identify gaps
- Track compliance gaps and ensure work to remediate gaps meets deadlines
- Organize and present audit documents
Our ideal candidate will have:
- Bachelor’s degree in business, information systems, computer science, or relevant educational or professional experience
- Minimum 5 years of work experience in compliance or related field
- Minimum 3 years of IT Internal audit experience
- Knowledge of financial controls and implementation
- Solid knowledge of security controls across all security domains such as access management, vulnerability management, business continuity, etc.
- Strong analytical skills, with the ability to evaluate security requirements and translate them into appropriate security controls
- Effective communication skills, with the ability to communicate complex information to various audiences, both verbally and in writing (English)
- Knowledge of industry cloud technologies
- Knowledge of certifications and standards such as SOC-2, HIPAA, PCI-DSS, CSTAR, ISO 27001, and GDPR
- Experience with information security principles/practices
- Experience with privacy principles/practices
- Some experience with software development practices
- Passionate about security, privacy, and compliance
- Self-motivated, quick learner, fast researcher
- Experience with, and comfort in, a remote working environment
Bonus points for:
- Public Accounting/Big 4 Consulting Experience
- Technical information security experience
- Experience with automating security monitoring functions using scripting
- Industry relevant certifications such as CISSP, CISA, etc.
Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.
We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles.
Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.