Information Security Auditor

**Redefine the future of customer experiences. One conversation at a time.**: We're changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans. Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service®, our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication. If you're ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you're in the right place. **Build Amazing - Deliver Amazing - Live Amazing - Be Amazing**: **Key Responsibilities**: - Assess compliance of the organization to industry standards, security frameworks, and privacy regulations - Review and update security and privacy policies and procedures to ensure consistency with new and evolving requirements - Plan and conduct internal audits of the design and effectiveness of the organization's security and privacy controls, policies, processes and procedures - Document audit findings, identify and report gaps and risks in controls, and lead remediation efforts - Support external audits by working with the auditor and internal asset, process, and control owners to gather and submit evidence for compliance - Keep up to date with changes in security frameworks, regulatory changes, and commercial requirements that affect the organization's compliance, including all countries where Nextiva provides, or intends to provide, service - Work with product development teams, infrastructure, and other parts of the organization to define policies and procedures, implement remediation plans, and monitor compliance - Effectively use available AI tools to plan and conduct audits, develop policies and procedures, and document audits - Perform other duties to support the security and compliance of the organization as required - Comply with organization information security policies **Qualifications**: - Bachelor's degree in an IT related field or equivalent experience and 2-5 years of experience in working in IT security, software development, or IT or information security audit - Understanding of security and privacy frameworks and regulations, including SOC 2, ISO-27001, UK Cyber Essentials, NIST, NIS2, HITRUST, PCI-DSS, HIPAA, GDPR, and CPRA - Desired certifications - one or more of the following: CISSP (Certified Information Systems Security Professional), Certified Information Security Manager (CISM), SSCP (Systems Security Certified Practitioner), CCSP (Certified Cloud Security Professional) or CompTIA Security+ - Flexibility to work extended hours and off-hours to support global project teams **Competencies**: - Strong analytical problem-solving skills and attention to detail - Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes on tasks and projects in an efficient and productive manner - Ability to form productive relationships across the organization to accomplish information security objectives - Ability and willingness to learn all aspects of the information security field - Professional verbal and written communication skills in English - Able to assess, document, and prioritize identified security control gaps and vulnerabilities based on risk **Nextiva DNA** (Core Competencies) Nextiva's most successful team members share common traits and behaviors: - **Drives Results**: Action-oriented with a passion for solving problems. They bring clarity and **simplicity** to ambiguous situations, challenge the status quo, and ask what can be done differently. They lead and drive change, celebrating success to build more success. - **Critical Thinker**: Understands the "why" and identifies key drivers, learning from the past. They are fact-based and data-driven, **forward-thinking**, and see problems a few steps ahead. They provide options, recommendations, and actions, understanding risks and dependencies. - **Right Attitude**: They are team-oriented, collaborative, competitive, and hate losing. They are resilient, able to bounce back from setbacks, zoom in and out, and get in the trenches to help solve important problems. They cultivate a culture of service, learning, support, and respect, **caring** for customers and teams. **Total Rewards** Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office. - **Medical** - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehe