
Senior Risk & Audit Specialist
Posted 9 hours ago

This is a fully remote position, open to applicants in Canada.
• Assist with both current and forthcoming audits, including ISO 27001, SOC 2, PCI DSS, HIPAA, and other pertinent assurance tasks by managing evidence collection, assessing evidence quality, scheduling walkthroughs, and liaising with control owners.
• Facilitate risk assessments, updates to the risk register, control monitoring, issue tracking, and follow-up on risk treatment by collaborating with teams to identify control deficiencies, agree on feasible actions, and monitor remediation until completion.
• Execute third-party risk management evaluations to provide a thorough understanding of organizational risk.
• Aid in ongoing compliance efforts across established frameworks and emerging readiness initiatives (including Australia ISM/IRAP/HCF, NIS2, and ISO 42001/AIM) while upholding policies, procedures, control narratives, and supporting documentation.
• Address customer and prospective client inquiries regarding security or compliance in collaboration with Sales, Legal, Security, and Product teams, and assist in updating the Trust Center and other trust-related documentation.
• Generate clear updates on audit status, risks, obstacles, metrics, and remediation progress for leadership while seeking opportunities to streamline repeatable processes and minimize audit friction for control owners.
• Utilize risk, audit, and compliance tools to maintain organization, traceability, and reporting efficiency.
• Assist with internal audit and review activities as necessary.
• Over 5 years of experience in risk, audit, compliance, governance, security assurance, or a closely related field.
• Practical experience in supporting audits, evidence collection, control testing or monitoring, and tracking remediation efforts.
• Familiarity with security and compliance frameworks such as ISO 27001, SOC 2, PCI DSS, HIPAA, ISO 42001, GDPR, PIPEDA, or equivalent standards.
• Capability to clearly articulate requirements to both technical and non-technical audiences.
• Exceptional organizational and prioritization abilities, particularly when managing multiple deadlines concurrently.
• Sound judgment, meticulous attention to detail, and a pragmatic approach to problem-solving.
• Comfort in a remote, global setting collaborating with cross-functional teams across different time zones.
• Flexible PTO
• Comprehensive healthcare coverage (UK, Canada, France, Spain, USA)
• Company stock options
• Professional development budget
• Office equipment budget
• Wellness budget
• Annual team gatherings
• Internet reimbursement
• Inclusive parental leave
• Remote work travel program