About Penbrothers
Penbrothers is an HR & remote talent management partner and one of the fastest growing companies in the Philippines. We provide talented Filipinos with global opportunities in high-growth startups and dynamic companies, from the comfort of their own homes.
About the Client
Our client is the security, privacy, and compliance team of companies around the U.S. They offer expert-built security and privacy solutions without the need for additional full-time employees, and they are Vanta's #1 MSP and vCISO.
About the Role
The ideal candidate will have expertise in cybersecurity frameworks such as ISO 27001, HITRUST, and SOC 2, with a strong ability to review, validate, and interpret compliance evidence. This role requires excellent organizational skills, attention to detail, and the ability to communicate findings effectively.
What You'll Do
- Perform internal audits across various cybersecurity and compliance frameworks, including ISO 27001, HITRUST, and SOC 2
- Review, validate, and assess evidence provided by clients to ensure compliance with relevant standards
- Analyze and interpret audit results, identifying areas for improvement and ensuring the integrity of control environments
- Collaborate with client teams to provide feedback and support on compliance requirements
- Stay up to date with changes in cybersecurity frameworks and industry best practices to guide audit practices
- Prepare detailed audit reports that outline findings, recommendations, and action plans
- Assist clients in mitigating risks and closing compliance gaps uncovered during audits
What You Bring
- 3+ years of professional experience in a relevant field
- Proven experience performing internal audits, particularly within cybersecurity frameworks such as ISO 27001, HITRUST, and SOC 2
- Strong understanding of evidence validation processes and control testing
- Experience working with cloud environments, such as AWS, Azure, or GCP (required)
- Ability to quickly assess and review documentation and evidence for accuracy and completeness
- Excellent verbal and written communication skills, with the ability to articulate complex audit findings clearly
- Strong organizational and time management skills, capable of managing multiple audits simultaneously
- Experience working directly with clients, providing both feedback and recommendations
- Experience working in a fast-paced tech or startup environment
- Familiarity with other compliance frameworks, such as NIST CSF or HIPAA, is a plus
- Professional certifications such as CISA, CISSP, or similar are preferred but not required
- Ability to work remotely and during US Eastern Time zone hours
- Fluency in written and spoken English