Audit Program Director
Nordic Global · United States · 4 days ago
RemoteRemoteAccountingFull-time
Key Responsibilities
- Leading and actively executing Nordic’s internal and external audit program across Information Technology and related business functions
- Managing the full audit lifecycle, including audit planning, readiness activities, evidence collection, evidence review, auditor coordination, issue tracking, and remediation follow-up
- Directly participating in the execution of audits alongside internal team members and cross-functional stakeholders, ensuring timely and accurate completion of audit activities
- Serving as the primary owner for internal, external, and certification audits and assessments related to Cyber Essentials, ISO/IEC 27001, HITRUST CSF, NIST-based control assessments, and SOC 2 examinations
- Cooking with internal and external auditors, assessors, certifying bodies, and business stakeholders to support successful audit execution and timely responses to requests
- Developing, maintaining, and improving audit procedures, standards, documentation, and evidence repositories to support repeatable and efficient audit performance
- Absessing the design and operating effectiveness of controls and identifying opportunities to strengthen Nordic’s control environment, compliance posture, and operational maturity
- Tracking audit findings, observations, and remediation activities through closure, while driving accountability across technical and business teams
- Partnership closely with Information Security, Infrastructure, Compliance, Privacy, Legal, and operational teams to ensure alignment of audit activity with organizational priorities and obligations
- Supporting ongoing control maturity and audit readiness efforts through gap assessments, internal reviews, process improvement initiatives, and policy or control enhancement recommendations
- Preparing clear and concise audit status updates, findings summaries, risk insights, and remediation progress reports for leadership and key stakeholders
- Monitoring changes in relevant regulatory, certification, and assurance requirements and helping translate those changes into audit and control program updates
- Promoting a culture of accountability, transparency, and continuous improvement in support of Nordic’s risk management and assurance objectives
Skills And Experience
- Bachelor’s degree in information technology, cybersecurity, risk management, business, or related field, or equivalent work experience required
- 15+ years of progressive experience in audit, cybersecurity, compliance, risk management, or information security roles, with experience leading and directly executing audit activities
- Demonstrated experience managing and performing internal and external audits across cybersecurity, compliance, and control frameworks
- Strong working knowledge of Cyber Essentials, ISO/IEC 27001, HITRUST CSF, NIST Cybersecurity Framework (CSF) 2.0, and SOC 2 / Trust Services Criteria audits and assessments required
- Experience coordinating with external auditors, certification bodies, assessors, and internal stakeholders in support of successful audit and certification outcomes
- Proven ability to assess control design and operating effectiveness, identify gaps, and drive remediation efforts through closure
- Strong understanding of IT general controls, cybersecurity controls, risk management practices, and audit evidence requirements
- Strong analytical, organizational, and problem-solving skills with exceptional attention to detail
- Excellent written and verbal communication skills, with the ability to communicate effectively with technical teams, business stakeholders, auditors, and executive leadership
- Ability to prioritize multiple initiatives, manage competing deadlines, and maintain a high level of accuracy and accountability
- Experience developing or improving audit procedures, documentation standards, and repeatable control validation processes preferred
- Relevant certifications such as CISA, CRISC, CISM, CISSP, CCSP, ISO/IEC 27001 Lead Implementer or Lead Auditor, or HITRUST CCSFP preferred