Internal Auditor

At Workstreet, we’re on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

We are seeking a detail-oriented and proactive Internal Auditor to join our compliance team. This role is ideal for someone with a strong understanding of information security and compliance frameworks, paired with excellent project management and analytical skills. You will be responsible for reviewing and validating control evidence within our GRC platform (Vanta) to ensure ongoing compliance with standards such as ISO 27001, ISO 42001, HIPAA, and GDPR.

• Validate Compliance Evidence: Review, assess, and verify documentation and control evidence within the GRC platform (Vanta) to confirm alignment with ISO 27001, ISO 42001, HIPAA, and GDPR requirements.
• Conduct Internal Audits: Coordinate internal audits and readiness assessments to identify control gaps and recommend effective remediation actions.
• Communicate Audit Insights: Provide clear, timely updates and expectations to internal teams regarding audit timelines, deliverables, and compliance outcomes.

• 2–5 years of experience in internal auditing, compliance, or GRC roles
• Familiarity with compliance frameworks such as ISO 27001, ISO 42001, HIPAA, and GDPR
• Hands-on experience with GRC tools (Vanta preferred or other equivalent platforms)
• Strong organizational and project management skills with the ability to handle multiple tasks simultaneously
• Excellent verbal and written communication skills
• High attention to detail and strong analytical thinking
• Industry certifications (CISA, ISO Lead Auditor, or equivalent) are a plus but not required

• Experience working with SaaS companies or compliance automation environments
• Background in information security or IT risk management
• Familiarity with evidence-based audit programs and process documentation

• Career Development: Clear path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

• Reliable high-speed internet connection.
• Quiet, professional home office setup.
• Must be amenable to work US Eastern Time zone hours.
• Fluency in written and verbal English communication skills.

We are proud to be an equal opportunity employer. Workstreet does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans’ Readjustment Assistance Act of 1974, Title I of the Americans with Disabilities Act of 1990, and any other applicable federal, state or local laws, applicants who require reasonable accommodation in the job application process may contact [email protected]

Employment with Workstreet is contingent upon the successful completion of a background check, which may include verification of employment history, education, and other relevant information, in compliance with applicable laws.