×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Senior Risk & Audit Specialist

Job in Las Cruces, Dona Ana County, New Mexico, 88001, USA
Listing for: Remote-Woman
Full Time position
Listed on 2026-06-27
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 80000 - 120000 USD Yearly USD 80000.00 120000.00 YEAR
Job Description & How to Apply Below

About Upsun (formerly Platform.sh)

Upsun is the cloud application platform humans and robots love. It is built for today’s hybrid teams, where AI agents write and test code and humans focus on solving the problems that really matter. Developers, Dev Ops engineers, and platform teams use Upsun to build, ship, and scale confidently without wrestling with backend infrastructure. We give you your time back.

You get:

  • Predictable performance, even at scale
  • Secure, compliant environments by default
  • Real‑time observability and profiling built in
  • Cloning, configuration, and provisioning in seconds
  • AI‑ready features that plug directly into your stack

Our values are founded on making a positive impact, aiming for the stars, and caring for each other.

Impact of a Senior Risk & Audit Specialist

As a Senior Risk & Audit Specialist at Upsun, you help keep our security, risk, audit, and compliance work moving with clarity, care, and consistency. Reporting to the Director, Risk & Audit, you'll work closely with teams across Security, Engineering, IT, Legal, Product, and Sales to keep key audits and certifications (including ISO 27001, SOC 2, PCI DSS, and HIPAA) on track and our global business audit‑ready.

You partner with control owners across the business to coordinate evidence, monitor risk, and turn complex requirements into guidance that is easy to act on. Beyond keeping audits on track, you contribute to the long‑term evolution of our risk and compliance program by supporting readiness for new and expanding assurance needs, simplifying repeatable processes, and improving evidence quality.

What to expect

Audit & Certification Support: Support active and upcoming audits, including ISO 27001, SOC 2, PCI DSS, HIPAA, and other relevant assurance work by coordinating evidence collection, reviewing evidence quality, scheduling walkthroughs, and following up with control owners.

Risk & Control Management: Support risk assessments, risk register updates, control monitoring, issue tracking, and risk treatment follow‑up by working with teams to identify control gaps, agree on practical actions, and track remediation through to completion.

Third‑Party

Risk Management:

 Conduct third‑party risk management reviews to support a comprehensive view of organizational risk.

Compliance Program Support: Support ongoing compliance activities across established frameworks and emerging readiness work (including Australia ISM/IRAP/HCF, NIS2, and ISO 42001/AIM) while maintaining policies, procedures, control narratives and supporting documentation.

Customer & Stakeholder Support: Respond to customer and prospect security or compliance questions in partnership with Sales, Legal, Security, and Product, and support updates to the Trust Center and other trust documentation.

Reporting & Continuous Improvement: Prepare clear updates on audit status, risks, blockers, metrics, and remediation progress for leadership and look for opportunities to simplify repeatable processes and reduce audit friction for control owners.

Tooling & Process Management: Use risk, audit, and compliance tools to keep work organized, traceable, and easy to report on.

Internal Audit Support: Support internal audit and review activities as needed.

What you bring

Risk & Compliance

Experience:

 5+ years of experience in risk, audit, compliance, governance, security assurance, or a closely related area.

Audit

Experience:

 Hands‑on experience supporting audits, evidence collection, control testing or monitoring, and remediation tracking.

Framework Knowledge: Working knowledge of security and compliance frameworks such as ISO 27001, SOC 2, PCI DSS, HIPAA, ISO 42001, GDPR, PIPEDA, or similar standards.

Communication

Skills:

 Ability to explain requirements clearly to both technical and non‑technical audiences.

Organization & Prioritization: Strong organization and prioritization skills, especially when managing several deadlines at once.

Judgement & Problem‑Solving: Good judgement, attention to detail, and a practical approach to solving problems.

Remote & Cross‑Functional

Collaboration:

 Comfort working in a remote, global environment with cross‑functional teams across varied timezones.

Bonus Points
  • Exp…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search