Audit Program Manager
at LogRhythm
Boulder, Colorado or US Remote
LogRhythm is looking for an Audit Program Manager who will build the program, operationalize it, and
ensure that we meet the requirements set forth by our external auditors, certifying bodies, and our contractual
agreements, all while meeting customer expectations of a security company. This critical position will
report directly to the Chief Security Officer.
Opportunity
Compliance is key to LogRhythm’s ability to win and retain customers. As the manager of the internal
audit program, your skills, experience, and knowledge of audit and compliance matters will be in great
demand across LogRhythm. Working at LogRhythm will also provide you with opportunities to grow your
skills and experience outside of compliance. This position gives you the ability to learn and interact with
all facets of the corporate security and information technology programs. You’ll gain experience on the
administrative side of security, related to governance, risk, and compliance. You’ll also gain experience
on the technical side of security working with the information technology, security, development, and
development operations teams. It’s an opportunity to validate and improve information security for an
information security company.
Responsibilities
• Develop, operationalize, and execute the internal audit program (processes, procedures,
scheduled cadence, reports, plans, etc.)
• Collaborate with internal and external stakeholders, such as information security, information
technology, marketing, product management, engineering (product security), DevOps teams
(SaaS security), and external audit partners
• Create and deliver reports, metrics, and plans for both internal and external stakeholders
• Provide business and IT management with guidance on risk management matters: business
continuity, disaster recovery, vendor management, change management, etc.
• Ensure compliance with audit controls related to ISO27001, NIST, FedRAMP, SOC2 (COSO),
GDPR, Privacy Shield, state privacy regulations, FIPS/Common Criteria, PCI-DSS, other
certifying bodies, and the contractual agreements with our customers
• Consult with governance, risk, and compliance teams to implement policies and procedures
• Identify weaknesses in technology systems and architecture and create plans to ensure those are
remediated
• Work directly with and be the liaison for our external auditors
Qualifications
• Previous internal or external audit experience, especially working with technology companies
• Strong understanding of technology and security frameworks and regulations: ISO27001, NIST,
FedRAMP, SOC2 (COSO), GDPR, Privacy Shield, FIPS/Common Criteria, PCI-DSS, etc.
• Strong written and verbal communication skills and previous experience with audit reporting
• Experience translating business requirements with standards, practices, and organizational processes
to best determine risk to the business
• Knowledge of IT systems, applications, data and the general controls that protect them
• Knowledge of governance, risk, and compliance and how that relates to IT audit
• Experience interacting with external auditors and the certifying processes
• Experience working with software development teams
• Certifications are a nice-to-have (CISA, CIA, CPA, CISSP, CISM, etc.)
• Degree or equivalent experience in finance, accounting, legal, risk management, business
administration, or computer science
Benefits:
LogRhythm offers the following benefits for this position, subject to applicable eligibility requirements:
• Medical
• Dental
• Vision
• HSA
• FSA
• EAP
• 401k plan
• Flexible time off
• Birthday day off
Salary:
The annual starting salary for this position is between 95-120k, depending on experience and
other qualifications of the successful candidate.
Bring your Whole Self to Work!
Diversity, equity, and inclusion are at the core of who we are. At LogRhythm, we know that diverse
perspectives spark innovation, improve creativity, and position our team for success. Creating a culture
where all are welcomed, valued, and empowered to achieve their full potential is important to who we are
today and in the future. We hire the best of the best and do not discriminate based on race, gender, age,
religion, sexual orientation, identity, or other personal factors.
About us:
• Gartner Leader in Security
• TB company
• Award-winning NextGen SIEM Platform