Senior Cybersecurity Auditor

We're looking for a Senior Cybersecurity Auditor This role is Office Based

Senior Cybersecurity Auditor | Hybrid | Mumbai, Pune or Hyderabad

Position Summary

The global Governance, Risk and Assurance team is responsible for maintaining compliance with enterprise

cybersecurity control frameworks, policies and procedures. The team is part of the global Cybersecurity

Engineering and Assurance organization at Cornerstone OnDemand.

The Cybersecurity Auditor is a critical role in supporting the overall strategy and vision of the Cybersecurity

Engineering & Assurance team, and reports into the Associate Director of Cybersecurity & Assurance.

In this role, you will be responsible for performing internal audits, enabling cyber certifications and external audits,

managing cyber risk and ensuring continued assurance with the company’s compliance frameworks. Activities

include working with cross-functional teams to improve the maturity and effectiveness of cybersecurity controls,

executing internal audits, keeping policies and operating procedures up-to-date, responding to customer

assessments, and producing metrics, scorecards, reports and dashboards periodically.

In This Role You Will

• Perform cybersecurity audits and risk assessments in all areas of the organization in line with the global

Internal Audit Program’s objectives

• Document audit procedures, recommend remediation plans and liaise independently with stakeholders

to validate implementation

• Work with functional owners to ensure control objectives and activities meet compliance standards for

effectiveness and assurance evidence

• Publish and present timely and high quality audit reports
• Partner with leaders across business functions such as Engineering, Cloud Operations, Privacy, Product

and Customer Success to implement effective cybersecurity controls

• Identify emerging cybersecurity and information technology risks, evaluate internal controls to treat risks,

and develop opportunities to continuously uplift control frameworks

• Work with Cornerstone’s external partners and cross functional teams to schedule appropriate internal

audit testing and/or risk assessments.

• Perform formal reviews of new technologies, initiatives and strategic projects against the company’s

cybersecurity requirements

• Recommend updates to cybersecurity policies, standards and operating procedures to address new

industry practices, requirements and regulations

• Illustrate ownership and accountability and ensure operational efficiency

You've Got What It Takes If You

• Degree in Information Technology, Computer Science, Cybersecurity or related fields
• CISA, CRISC, CISSP and/or ISO 27001 LA/LI desired
• 3y-5y total years of experience in cybersecurity, compliance, IT audits and/or cyber risk management
• Hands-on expertise in industry-standard cybersecurity assurance standards (e.g., SOC 2, ISO 27k, NIST,

PCI DSS, etc.), trends and best practices

• Experience in auditing general and automated controls, including but not limited to logical security,

physical security, change and problem management, data backup, disaster recovery and incident

management

• Knowledge of security tools, technologies and control best practices for domains such as IAM, encryption,

system hardening, anti-malware, data leakage prevention, NIDPS, network security and vulnerability

management

• Hands-on exposure to auditing and/or securing leading cloud PaaS technologies platforms such as AWS,

Google Cloud and Microsoft Azure

• Proficient in Word, Excel, PowerPoint and other Microsoft 365 tools
• Mature data analysis, documentation, articulation and presentation skills
• Ability to communicate effectively with stakeholders across global regions and organizational levels
• Ability to work autonomously with flexibility and excellent judgment
• Ability to work effectively under pressure to meet deadlines
• Ability to solve problems quickly and automate processes
• Ability to work cooperatively as part of a team

Our Culture

Our mission is to empower people, businesses and communities. A culture created less by what we do and more by who we are. When people ask what our team is about, we point to our core values: champion customer success, bring our best, achieve together, get stuff done, and innovate every day. We're always on the lookout for new, curious and capable people who can help us achieve our goal and we are seeking diversity in the people who join our team. We want to make sure that our company reflects the demographic of our customers, clients, and the communities in which we operate. So if you want to work for a friendly, global, inclusive and innovative company, we'd love to meet you!

What We Do

Cornerstone is a premier people development company. We believe people can achieve anything when they have the right development and growth opportunities. We offer organizations the technology, content, expertise and specialized focus to help them realize the potential of their people. Featuring comprehensive recruiting, personalized learning, modern training content, development-driven performance management and holistic employee data management and insights, Cornerstone’s people development solutions are successfully used by more than 100 million+ people in 180+ countries and in nearly 50 languages.

Cornerstone takes special care to ensure the security and privacy of the data of its users.

Check us out on LinkedIn , Comparably , Glassdoor , and Facebook !