Information Security Compliance Auditor | Mid
Job Description
At Nord Security, we’re creating a safer cyber future.
We help people and businesses take back control of their online security, privacy, and data. From VPNs to password managers, threat intelligence to eSIMs for travel—our teams turn complex problems into solutions trusted by millions worldwide.
Life is online. In this role, you’ll help people own it.
About the Role
As an Information Security Compliance Auditor, you will play a key role in strengthening our security and compliance posture. You will lead internal audits across multiple regulatory and industry frameworks, helping ensure that security controls are effectively designed, implemented, and operating as intended.
Working closely with stakeholders across Engineering, Infrastructure, Product, Legal, and Security teams, you will assess compliance readiness, identify improvement opportunities, and support continuous enhancement of our governance, risk, and compliance programs.
Main Responsibilities
Plan, execute, and report on internal audits against security and compliance frameworks, including ISO 27001, ISO 42001, SOC 2, HIPAA, PCI DSS, and other applicable standards.
Evaluate the design and effectiveness of security controls, policies, processes, and operational practices.
Prepare detailed audit reports, document findings, assess risks, and provide practical remediation recommendations.
Track audit findings and corrective action plans, ensuring timely resolution and evidence collection.
Support control owners in understanding compliance requirements and implementing sustainable solutions.
Monitor changes in regulatory and industry requirements and assess their impact on the organization.
Contribute to the development and continuous improvement of internal audit methodologies, compliance programs, and control frameworks.
Assist teams in preparing for external audits, certifications, and customer security assessments.
Promote a culture of security, compliance, and continuous improvement across the organization.
Core Requirements
Previous experience in internal audit, compliance, governance, risk management, or information security.
Good understanding of information security principles and common control frameworks.
Familiarity with one or more compliance standards such as ISO 27001, SOC 2, HIPAA,
PCI DSS, NIST CSF, or similar.
Business-first mindset, with the ability to act as a trusted enabler rather than an enforcer, providing pragmatic, risk-based guidance that supports the business in achieving compliant and sustainable growth.
Strong analytical skills and attention to detail.
Excellent communication and stakeholder management skills.
Ability to interpret requirements and translate them into practical control expectations.
Capability to work independently while effectively collaborating with cross-functional teams.
Strong organizational skills and ability to manage multiple audit engagements simultaneously.
Curiosity and willingness to learn technical concepts and security processes when required.
Nice to Have
Experience participating in certification or attestation audits.
Professional certifications such as ISO 27001 Lead Auditor, CISA, CRISC, CISSP, or similar.
Experience working in SaaS, cybersecurity, fintech, or highly regulated industries.
What You'll Achieve
Improve the effectiveness and maturity of our compliance and control environment.
Help maintain trust with customers, partners, and regulators.
Drive continuous improvement across security, governance, and risk management processes.
Influence security and compliance practices across a fast-growing technology organization
What We Offer
Innovate with industry leaders
Work alongside global experts to build world-leading cybersecurity tools, impacting millions of users around the world.
Learn & grow
Boost your skills via our extensive training programs (online and offline) & other resources. Benefit from mentorship and career-switch opportunities to grow within the company.
Work in a next-gen Cyber City office
Thrive in our bustling office, featuring ergonomic workspaces, modern meeting rooms, engaging events, and specialty coffee to fuel your day.
Hybrid work
Enjoy the flexibility with 3 office days and working from home for the remaining 2.
Work from anywhere
Recharge with a change of scenery – choose work from any location when you feel a need to power your creativity and drive.
Physical well-being
Boost your health with free-of-charge 24/7 gym access, onsite and online workouts, and consultations led by in-house Physical Well-Being experts.
Mental & emotional health
Nurture your mind with free psychologist consultations, dedicated mental health events, and premium access to top-rated wellness apps like Calm, Headspace, and Mindletic.
Premium healthcare
Receive private health insurance giving you peace of mind for your health needs.
Extra days off
Enjoy additional vacation days off as you grow with us. Plus, get extra days for sick leave, special occasions, or parenting needs.
Joyful moments – special treats
Celebrate life’s big moments with special gifts from us on your birthday, anniversary, and other major events, such as weddings or the arrival of a new family member.
Company events & team-building
Experience iconic Nord Security celebrations, team-buildings, and knowledge-sharing events, nurturing bonds that fuel our success.
Workation
Embark on a legendary company getaway abroad, filled with exciting activities, live concerts, engaging workshops, and epic time together.
Kindly refer to our Privacy Notice for Recruitment Candidates for comprehensive information regarding our data handling procedures throughout recruitment processes.
We expect all candidates to provide accurate and complete information during the recruitment process. While limited use of AI tools to refine application materials is acceptable, candidates remain fully responsible for ensuring that their submissions reflect their own qualifications, skills, and experience. Any failure to do so may negatively affect participation in the recruitment process. If broader AI assistance is allowed for a particular role or stage, we’ll let you know in advance.
By submitting your application, you acknowledge that it may be processed using automated tools for evaluation purposes. As part of our recruitment process, we may use an AI-based application review tool to help assess applications based on skills and experience relevant to the role. This technology is used to support - not replace - human decision-making, and every application is ultimately reviewed by a recruiter.
If you would like more information about how AI is used in this process or wish to exercise your rights under applicable data privacy laws, please contact us at [email protected]. Should you prefer to opt out of the automated evaluation, please submit your application directly to [email protected].