Internal Auditor

At Workstreet, we’re on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

We are seeking a detail-oriented and proactive Internal Auditor to join our compliance team. This role is ideal for someone with a strong understanding of information security and compliance frameworks, paired with excellent project management and analytical skills. You will be responsible for reviewing and validating control evidence within our GRC platform (Vanta) to ensure ongoing compliance with standards such as ISO 27001, ISO 42001, HIPAA, and GDPR.

• Validate Compliance Evidence: Review, assess, and verify documentation and control evidence within the GRC platform (Vanta) to confirm alignment with ISO 27001, ISO 42001, HIPAA, and GDPR requirements.
• Conduct Internal Audits: Coordinate internal audits and readiness assessments to identify control gaps and recommend effective remediation actions.
• Communicate Audit Insights: Provide clear, timely updates and expectations to internal teams regarding audit timelines, deliverables, and compliance outcomes.

• 2–5 years of experience in internal auditing, compliance, or GRC roles
• Familiarity with compliance frameworks such as ISO 27001, ISO 42001, HIPAA, and GDPR
• Hands-on experience with GRC tools (Vanta preferred or other equivalent platforms)
• Strong organizational and project management skills with the ability to handle multiple tasks simultaneously
• Excellent verbal and written communication skills
• High attention to detail and strong analytical thinking
• Industry certifications (CISA, ISO Lead Auditor, or equivalent) are a plus but not required

• Experience working with SaaS companies or compliance automation environments
• Background in information security or IT risk management
• Familiarity with evidence-based audit programs and process documentation

• Career Development: Clear path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

• Reliable high-speed internet connection.
• Quiet, professional home office setup.
• Must be amenable to work US Eastern Time zone hours.
• Fluency in written and verbal English communication skills.

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.

Employment with Workstreet is contingent upon the successful completion of a background check, which may include verification of employment history, education, and other relevant information, in compliance with applicable laws.