Information Security Auditor

The successful candidate will be fully conversant with the design, testing, and maintenance of internal controls in support of Andesa’s SOC-1/SOC-2/SOC-3 audits including: Organization & Management, Risk Management, Monitoring, Logical/Physical Access, System Operations, Change Management, Network Security, Backup & Recovery, and Processing Integrity.

Primary Responsibilities:

  • Coordinate SOC-1, SOC-2, and SOC-3 reviews with external auditors.
  • Manage the quarterly Internal Control Questionnaire (ICQ) process designed to assess the design and operating effectiveness of existing controls.
  • Design and execute tests of key controls.
  • Assign control activities to “owners” and ensure that they carry out these activities.
  • Educate control owners, as appropriate, to ensure understanding of controls assigned.
  • Periodically report to management on the state of IT controls including control deficiencies in need of remediation.
  • Provide a sound basis for the “Management Assertion” in the SOC reports.

Essential Skills:

  • Outstanding written/oral communication skills with the ability to foster and maintain inter-departmental working relationships.
  • Comprehensive understanding of preventive & detective internal controls with an ability to identify control gaps and support remediation.
  • Ability to work independently, as well as, within a team environment.
  • Exhibit strong time management skills and work towards deadlines.
  • Knowledge of Auditing & IT Auditing.
  • Ability to create and maintain structured work papers and controls documentation.

Education, Training and Experience:

  • Bachelor degree in Auditing, Information Systems, Accounting, or equivalent experience.
  • Two to five years relevant work experience (Auditing, IT Controls, etc.)
  • Appropriate professional certification preferred – e.g. CISA, CPA, or CISSP.

We offer a well-rounded compensation package including:

  • Fully paid Health Insurance (medical, prescription, dental, and vision)
  • 401K with company matching contributions
  • Generous paid time-off policy
  • Wellness Expense Reimbursement
  • Professional Development Expense Reimbursement
  • Child Care Stipend
  • Life and Disability Insurance


If this position sounds interesting, please click APPLY ONLINE to submit your resume for consideration. Kindly include SALARY REQUIREMENTS or current compensation.

paper airplane graphic


Andesa Celebrates Their Employees During Employee-Ownership Month