logo inner

Senior Auditor - IT, cybersecurity & infrastructure

ZinniaOnsite

WHO WE ARE:


Zinnia is the leading technology platform for accelerating life and annuities growth. With innovative enterprise solutions and data insights, Zinnia simplifies the experience of buying, selling, and administering insurance products. All of which enables more people to protect their financial futures. Our success is driven by a commitment to three core values: be bold, team up, deliver value – and that we do. Zinnia has over $180 billion in assets under administration, serves 100+ carrier clients, 2500 distributors and partners, and over 2 million policyholders.

WHO YOU ARE:


You are a well-rounded internal auditor with a strong foundation in IT General Controls (ITGC), cybersecurity, and infrastructure risk. You’ve led IT-focused audits, but you also enjoy contributing to integrated audits that touch finance, operations, and compliance. You ask smart questions, connect the dots across systems and processes, and never lose sight of the bigger picture. You’re comfortable working with engineers and business leaders alike — translating technical issues into practical risk insights.

You care about helping others grow, and you’re confident mentoring junior auditors to raise the quality of control testing. You thrive in fast-paced environments, enjoy variety in your audit work, and take pride in being both detail-oriented and adaptable.WHAT YOU’LL DO:You will be responsible for working with leadership to plan, execute, and deliver outcomes. 

  • Lead ITGC audit efforts across domains like user access, change management, backup, and segregation of duties.
  • Provide coaching, review, and oversight to junior auditors executing ITGC testing.
  • Collaborate with engineering, legal, and business units to review risks in APIs, digital platforms, and third-party services.
  • Conduct and document walkthroughs, control testing, and remediation tracking aligned to audit standards.
  • Support SOC 2 readiness assessments, including control evaluation against Trust Services Criteria.
  • Evaluate cybersecurity, privacy, and infrastructure risks, including in cloud-native platforms (AWS, GCP).
  • Participate in integrated audits that include financial, operational, and compliance components — even outside your core expertise.
  • Help build audit procedures that link business processes to IT risks and technical control testing.
  • Review API integrations, CI/CD pipelines, and DevOps practices for control coverage and potential gaps.
  • Contribute to audit automation and data-driven testing efforts, including use of tools like SQL, Python, or Excel.
  • Communicate audit results, risks, and recommendations clearly to stakeholders at multiple levels.

WHAT YOU’LL NEED:


  • Bachelor’s degree in Information Systems, Accounting, Finance, Engineering, or a related field.
  • 5–8 years of progressive experience in internal audit or IT risk, including leading ITGC audits.
  • Demonstrated ability to mentor junior auditors and ensure quality execution of control testing.
  • Strong working knowledge of:
  • ITGC domains: access controls, change management, backups, SDLC
  • Cloud environments (AWS, GCP, Azure): IAM, encryption, monitoring
  • DevOps / CI-CD practices, third-party risk, and infrastructure security
  • Identity and access management (IAM)
  • Logging and monitoring
  • Vulnerability management
  • Encryption and backup
  • Familiarity with one or more frameworks: SOC 2, NIST CSF, ISO 27001, HIPAA, CCPA
  • Experience participating in multi-disciplinary audits (e.g., combining financial and IT testing)
  • Experience in working with or auditing security, DevOps, or engineering teams is strongly preferred.
  • High-quality documentation and communication skills, including audit reporting and issue articulation.
  • Proficiency with Microsoft Excel; experience with SQL, Python, Tableau, or GRC platforms is a plus.
  • PROFESSIONAL CERTIFICATIONS (One or more preferred):
  • CISA – Certified Information Systems Auditor
  • CISSP – Certified Information Systems Security Professional
  • CCSK – Certificate of Cloud Security Knowledge
  • CIPP/US – Certified Information Privacy Professional – U.S.
  • CRISC – Certified in Risk and Information Systems Control

WHAT’S IN IT FOR YOU?


We’re looking for the best and brightest innovators in the industry to join our team. At Zinnia, you collaborate with smart, creative professionals who are dedicated to delivering cutting-edge technologies, deeper data insights, and enhanced services to transform how insurance is done. Visit our website at www.zinnia.com for more information. Apply by completing the online application on the careers section of our website. We are an Equal Opportunity employer committed to a diverse workforce. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability.#LI-UM1

Life at Zinnia

Zinnia is Where Complexity Ends and Simplicity Begins. By merging decades of industry expertise with advanced technology, Zinnia seeks to transform the life and annuity experience from end-to-end. We will empower our clients to innovate and launch products faster, to buy, sell, manage, and service products more effectively, and to better serve their customers. Contact us by email at info@zinnia.com or visit Zinnia at www.Zinnia.com to learn more.
Thrive Here & What We Value1. Collaborative environment with smart, creative professionals2. Innovation and cutting-edge technologies emphasis3. Diversity and equal opportunity employment commitment4. Competitive compensation and benefits package (including health/dental insurance, parental leave, profit sharing, 401(k), tuition reimbursement)5. Opportunities for career progression and professional growth6. Focus on delivering cutting-edge technologies and enhanced services in the insurance industry7. Collaborative team environment with mentorship opportunities8. Strong sense of product and user experience9. Emphasis on learning new technologies and tools across the stack10. Active participation in strategic initiatives, enhancing operational efficiency and effectiveness
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025