Sr. Security Compliance Specialist

IN-Remote

India Careers

Req #: 15447
Type: Regular

Avalara, Inc

Overview:

Avalara is looking for a Security controls specialist to join our team, reporting to the Sr. Manager, Governance Risk and Compliance. You will collaborate with multiple teams to design an internal control environment for Sarbanes-Oxley compliance.

Responsibilities:

* Support the build-out of technical SOX controls, working with Security, engineering, finance and IT to document and test controls across key systems.
* Assist in technology risk assessments to identify gaps against IPO-readiness benchmarks.
* Help drive IT General Controls implementation, application controls and report testing, coordinating with internal teams and external auditors.
* Work with cross-functional teams to develop process flows, SOPs, and runbooks for key controls.
* Partner with all stakeholder teams to track control ownership, remediation efforts, and evidence collection.

* Coordinate the documentation and migration of control information into Avalara's GRC platform.

* Proactively engage on multiple simultaneous projects with internal and external stakeholders to support strategic security and compliance objectives.
* Assist with the performance of ad hoc risk and compliance assessments as needed.

Qualifications:

* Bachelor's degree in Information Technology, Computer Science, or equivalent experience.
* 5+ years of experience in IT Audit, IT Security, or IT Risk Management.
* Proven experience conducting systemic risk analysis in complex technical environments, including reviewing application design and architecture.
* Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST, etc.
* Strong understanding of application security principles, including the ability to assess risk through code and design review processes.
* Deep knowledge of technical controls, including their design, implementation, and effectiveness.

* Experience working with business continuity, disaster recovery, vendor risk management, data privacy, and regulatory compliance.

* Skilled in identifying business risks and evaluating trade-offs between technical and business objectives.
* Experience with risk management platforms (e.g., ServiceNow GRC) is a plus.
* Highly self-motivated, proactive, and capable of managing concurrent priorities with minimal supervision.
* Strong organizational, planning, verbal, and written communication skills.
			