About Insight Assurance
Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.

We’re not your traditional audit firm — we’re tech-enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.

Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.

POSITION SUMMARY

The ISO Analyst supports the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits. Working under the supervision of an Auditor, Lead Auditor, or Manager, the ISO Analyst assists in audit planning, evidence review, report preparation, and overall quality assurance.

This role requires strong attention to detail, effective communication skills, and a foundational understanding of management systems and information security principles.

KEY RESPONSIBILITIES

General Audit Support

• Ensure that all internal processes are followed correctly and consistently.

• Assist in the creation of audit programs and plans for clients and upcoming audits.

• Support evidence classification, review, and sampling activities.

• Take detailed notes during audits and assist in preparing high-quality reports.

• Send recap and follow-up communications as required.

• Collect statistics and support KPI reporting.

• Communicate effectively with stakeholders at all organizational levels using professional language and terminology.

• Maintain ethics, fairness, and accuracy in all audit documentation and reporting.

• Protect confidentiality of personally identifiable information (PII) and intellectual property (IP) belonging to both the firm and clients.

• Demonstrate professionalism and responsibility in all interactions.

Administrative & Coordination Tasks

• Handle client ingestion and onboarding activities.

• Perform HubSpot data scrubbing and updates.

• Register new engagements in Asana and coordinate Insight ONE transfers (in or out).

• Create SharePoint folders and upload Evidence Lists (EL).

• Follow up on CUP (Client Upload Portal) submissions.

Audit Planning Support (in collaboration with the ISO Manager)

• Follow up on CUP status and pending uploads.

• Send planning call recaps and assist with scheduling.

• Communicate auditor assignments and update Asana tasks.

• Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.

Audit Execution Support (in collaboration with ISO Auditors)

• Ensure auditors have access to necessary GRC platforms and client systems.

Audit Reporting & Quality Assurance (in collaboration with ISO Manager)

• Collect metrics on TAT for archive submissions.

• Register findings in the Universal Registry of Findings.

• Complete archive QA forms and support non-technical QA reviews, including:

  • Audit Report

  • Audit Plan

  • Audit Program

  • Registry of Findings

Certificate & Registry Management

• Handle certificate registration in the appropriate database.

• Maintain IAF CertSearch registrations and updates.

Knowledge Requirements
• Organizational structures, governance, and workplace practices.
• Information and data systems, documentation systems, and IT fundamentals.
• Audit principles, practices, and techniques in accordance with ISO standards.
• Management system standards and normative documents required for certification.
• Certification Body (CB) processes and procedures.
• Industry terminology, practices, and expectations relevant to the client’s business sector.
• Common products, processes, and operations across industries to understand client context.
• Application of management system requirements to various organizational types.
• ISMS-specific documentation structures and interrelationships.
• Information security management tools, methods, and techniques.
• Information security risk assessment and risk management principles.
• ISMS processes and current information security technologies.
• ISO/IEC 27001 requirements and implementation principles.
• ISO/IEC 27002 controls (and sector-specific standards if applicable), including:
• Information security policies
• Organization of information security
• Human resource security
• Asset management
• Access control and authorization
• Cryptography
• Physical and environmental security
• Operations and IT service security
• Communications and network security
• System acquisition, development, and maintenance
• Supplier relationships and outsourced services
• Information security incident management
• Business continuity and redundancy planning
• Compliance and information security reviews
• Legal and regulatory requirements in information security by geography and jurisdiction.
• Information security risks and technologies relevant to the client’s industry.
• The impact of organization size, structure, and governance on ISMS implementation.
• Legal and regulatory requirements applicable to products or services.

Key Competencies
• Attention to detail and analytical thinking
• Written and verbal communication
• Integrity, confidentiality, and professionalism
• Understanding of ISO/IEC 27001 and 27002 standards
• Organizational and time management skills
• Team collaboration and adaptability
• Continuous learning and improvement mindset

What We Offer
• Opportunity to work with global experts in cybersecurity and ISO assurance.
• Exposure to top-tier clients and diverse industries.
• Professional development and certification support.
• Collaborative and remote-friendly work environment.
• Competitive compensation and growth opportunities.

 Privacy Notice CCPA: 

• Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
• Insight Assurance does not sell personal data/information under any circumstances.
• You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602

Privacy Notice GDPR:

This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.

We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross-referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.

When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.

We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.

The categories of Personal Data under Processing consist of:

• Identification
• Contact
• Education and Professional
• Interview performance
• Evaluation

You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:

• Right of Access – meaning getting information about the Personal Data under Processing by us, except for the information you already know;
• Right of Erasure – you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
• Right of Opposition or Restriction of Processing – you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
• Rectification – you can rectify your Personal Data at anytime 

We’re a global team of over 400 people, working together to push the boundaries of open-source technology and multi-cloud solutions. Our vision is to help developers, builders, and creators bring their ideas to life with speed and simplicity, by providing a cloud data platform that makes open-source databases, search, streaming, and application infrastructure easily accessible to everyone. 

The Mission:

At Aiven, we are moving from being "the open-source database cloud" to the AI infrastructure provider for future developers. Trust is our product, but security is a business partnering function. Your mission is to ensure that as we innovate at high velocity in AI and agentic workflows, security is built into our product DNA, not bolted on as an afterthought.

We are moving away from an "external auditor" model toward an embedded security model. You will lead a high-talent organization that builds security champions within our product squads, ensuring that we move fast without breaking our promise to customers.

What You’ll Do:

• Embedded Security Leadership: Transition the security function from an outside observer to an internal partner. You will build the frameworks and tooling that allow developers to own the security of their code, turning your team into enablers rather than gatekeepers.
• Commercial Acceleration: Partner closely with our sales leaders to win and retain enterprise customers. You will act as the "Face of Trust," personally engaging with customer CISOs to navigate complex security assessments and accelerate the sales cycle.
• Operational Efficiency: Manage and lead our global security team (currently ~20 people). You will be responsible for defining, defending, and optimizing the service and productivity ratios that determine the efficiency of the security function.
• Business Partnering Mindset: Operate with the understanding that you are a partner to GTM and Product. You help our teams win by providing transparent, precise security data and professional humility, rather than building a siloed "fortress."
• AI & Product Innovation: Define the security guardrails for our next-gen AI services (LLMOps, agentic permissions). You ensure our internal use of AI tools—like coding assistants—is safe and accelerates our engineering output.
• Compliance & Precision: Oversee our core compliance (SOC2, ISO 27k, PCI-DSS) and incident response capabilities, ensuring we meet the highest standards of data residency and operational autonomy for our European sovereign cloud initiatives.

What We're Looking For:

• The Humble Expert: You have deep technical roots but no ego. You don't need to be the "smartest person in the room." You win trust by helping others succeed.
• A Commercial Ally: You understand that a secure product that nobody buys is a failure. You lean into customer conversations and view sales success as part of your own scorecard.
• A Bridge Builder: You know how to heal organizational friction. You move past "throwing rocks" at engineering and focus on shared outcomes.
• Data-Driven Leader: You don't ask for budget or headcount based on "gut feel." You use metrics to show how security spend correlates to risk reduction and business velocity.

Qualifications:

• Proven experience leading security in a high-growth SaaS, Cloud, or Infrastructure company.
• Track record of partnering with GTM functions to close high-ACV enterprise deals.
• Experience implementing "Security Champion" or embedded security programs.
• Experience managing distributed teams across multiple time zones (Europe, North America, APAC).
• Deep familiarity with the European regulatory landscape (GDPR, NIS2, etc.).

Amazing! What’s next:

If you think Aiven is the place for you and that our Values align with yours, send us your resume and we’ll get in touch!

Global Benefits:

Our global benefits are designed to help you thrive and grow, personally and professionally:

• Participate in Aiven’s equity plan.
• Balance work and life with our hybrid work policy.
• Choose the equipment you need to set yourself up for success.
• Use your Professional Development Plan budget for learning opportunities.
• Receive holistic wellbeing support through our global Employee Assistance Program.
• Inquire about our Global Time Off Commitment (Parental and Sick Leave, as well as Personal Time)
• Enjoy country-specific benefits for our global cast.

How to Recognize and Avoid Employment Scams:

There has been a rise in fake job postings used by scammers to get personal information. At Aiven, all of our emails relating to recruitment come from an @aiven.io, @greenhouse.io or @eu.greenhouse.io domain and all of our interviews are conducted by video call or in person.  Our interviews will never occur via text or chat. If you’re unsure of the legitimacy of a job opportunity/offer pertaining to Aiven, please don’t hesitate to reach out to us at recruitment@aiven.io.

Equal Opportunities:

Aiven provides equal employment opportunities to all qualified employees and applicants for employment without regard to age, gender identity, national or ethnic origin, religion, sexual orientation, physical and mental ability, marital and family status or without regard to any other similar personal attributes. Aiven complies with applicable local laws governing non-discrimination in employment in every location in which the company operates. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation, training and any other terms and conditions related to employment.

At Aiven we are committed to providing reasonable accommodations for qualified individuals with disabilities or special needs in our working environment and job application procedures. We make all reasonable accommodations for persons with disabilities or who otherwise need support to thrive in the workplace. We are committed to continuously improving workplace accessibility. There is an option to request a discussion in the application process but if you have any questions before applying please write to us at recruitment@aiven.io.

#LI-Hybrid

About DataCamp

DataCamp's mission is to empower everyone with the data and AI skills essential for 21st-century success. By providing practical, engaging learning experiences, DataCamp equips learners and organizations of all sizes to harness the power of data and AI. As a trusted partner to over 17 million learners and 6,000+ companies, including 80% of the Fortune 1000, DataCamp is leading the charge in addressing the critical data and AI skills shortage.

About the role

The DataCamp Information Security team seeks a Customer Assurance Specialist to support and prepare responses to customer RFPs and RFIs. This team member will also respond to other client requests for information regarding DataCamp’s information security program and its business practices. This role will report to DataCamp’s Head of Security and Privacy, and is part of the Information Security team.

The role requires collaboration across a multitude of teams and internal subject matter experts. Accordingly, a successful candidate must be self-motivated and willing to take the initiative and demonstrate the ability to work collaboratively in a team environment, occasionally under compressed time constraints. The candidate must be detail-oriented, have excellent verbal and written communication skills, and be highly organized. This role requires adherence to strict deadlines and may require providing support during “off-hours.” This role will support DataCamp globally

About you

At DataCamp, we seek individuals who embody our core values of data-driven decision-making, action, transparency, ownership, and customer focus. You thrive in a fast-paced, high-performing environment and are driven by a passion for making a meaningful impact. You're adaptable, embracing change and ambiguity with enthusiasm. Your initiative and entrepreneurial spirit push you beyond just meeting targets—you aim to understand the "why" behind our goals and take ownership to drive the business forward. You’re a collaborative team player who values transparency and always seeks to improve and innovate. If this sounds like you, we encourage you to apply!

Responsibilities

• Assist with and/or fully manage the customer assessments response lifecycle, from kickoff to final submission, in a timely manner.
• Collaborate with internal subject matter experts to gather and validate information required for security questionnaire responses.
• Work with the rest of the Information Security team members to support, collect, track, and update a centralized repository of commonly requested security documentation and questions, ensuring that database content remains up to date with DataCamp’s overall information security program.
• Ensure that all questionnaire responses align with organizational policies, certifications, and compliance requirements (e.g., CCPA, ISO 27001,GDPR).
• Support ad-hoc requests such as vendor onboarding, document requests, and other information requests.
• Track and document metrics related to questionnaire response times, accuracy, and feedback for continuous improvement.
• Review and access customer contracts to ensure compliance and mitigate risk.
• Other supporting tasks as needed

Qualifications

• Although this role is fully remote working, applicants must be located in Argentina OR Portugal
• 2 - 6 Years of experience in GRC, security compliance, customer-facing security assurance or Audit roles
• Hands-on experience with at least one major compliance framework (SOC 2, ISO 27001, NIST CSF/800-53)
• Familiarity with standard questionnaire formats: SIG/SIG Lite, CAIQ, VSA, and custom enterprise assessments
• Proven experience in MS Office Suite
• Attention to detail
• Strong English communication skills (written and verbal) with the ability to utilize multiple communication methods and styles to best reach target audience
• Strong analytical skills and ability to problem-solve and operate with analytical ambiguity
• Exceptional organizational and time management skills
• Strong project management skills with the ability to manage relationships with internal stakeholders across product, legal, finance, and HR teams, as well as interact effectively with customers and customer success managers
• Relevant certifications such as CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), or CCSP (Certified Cloud Security Professional), or equivalent compliance/GRC certifications

Nice to have

• Experience with trust center platforms (SafeBase, Conveyor, TrustCloud) or GRC platforms (Vanta, Drata, ServiceNow GRC, HyperProof)
• Familiarity with data privacy regulations (e.g. GDPR, CCPA)

Why Datacamp? 

Joining DataCamp means becoming part of a dynamic, creative, and international start-up. Here are just a few of the reasons why you’ll love being on our team:

• Exciting challenges: Face new technical challenges daily, keeping your work engaging and rewarding.
• Competitive compensation: We offer a competitive salary with attractive benefits.
• Flexibility: Benefit from flexible working hours because the future is flexible! 
• Continuous learning: Access a yearly learning budget for conferences & training to support your professional growth.
• Global retreats: Participate in international company retreats, fostering a global team spirit.
• Equipment: Yearly refreshment of your IT Equipment budget for your home working setup.
• Amazing team: Collaborate with a truly exceptional team—seriously, we’re awesome!

About DataCamp

DataCamp's mission is to empower everyone with the data and AI skills essential for 21st-century success. By providing practical, engaging learning experiences, DataCamp equips learners and organizations of all sizes to harness the power of data and AI. As a trusted partner to over 17 million learners and 6,000+ companies, including 80% of the Fortune 1000, DataCamp is leading the charge in addressing the critical data and AI skills shortage.

About the role

The DataCamp Information Security team seeks a Customer Assurance Specialist to support and prepare responses to customer RFPs and RFIs. This team member will also respond to other client requests for information regarding DataCamp’s information security program and its business practices. This role will report to DataCamp’s Head of Security and Privacy, and is part of the Information Security team.

The role requires collaboration across a multitude of teams and internal subject matter experts. Accordingly, a successful candidate must be self-motivated and willing to take the initiative and demonstrate the ability to work collaboratively in a team environment, occasionally under compressed time constraints. The candidate must be detail-oriented, have excellent verbal and written communication skills, and be highly organized. This role requires adherence to strict deadlines and may require providing support during “off-hours.” This role will support DataCamp globally

About you

At DataCamp, we seek individuals who embody our core values of data-driven decision-making, action, transparency, ownership, and customer focus. You thrive in a fast-paced, high-performing environment and are driven by a passion for making a meaningful impact. You're adaptable, embracing change and ambiguity with enthusiasm. Your initiative and entrepreneurial spirit push you beyond just meeting targets—you aim to understand the "why" behind our goals and take ownership to drive the business forward. You’re a collaborative team player who values transparency and always seeks to improve and innovate. If this sounds like you, we encourage you to apply!

Responsibilities

• Assist with and/or fully manage the customer assessments response lifecycle, from kickoff to final submission, in a timely manner.
• Collaborate with internal subject matter experts to gather and validate information required for security questionnaire responses.
• Work with the rest of the Information Security team members to support, collect, track, and update a centralized repository of commonly requested security documentation and questions, ensuring that database content remains up to date with DataCamp’s overall information security program.
• Ensure that all questionnaire responses align with organizational policies, certifications, and compliance requirements (e.g., CCPA, ISO 27001,GDPR).
• Support ad-hoc requests such as vendor onboarding, document requests, and other information requests.
• Track and document metrics related to questionnaire response times, accuracy, and feedback for continuous improvement.
• Review and access customer contracts to ensure compliance and mitigate risk.
• Other supporting tasks as needed

Qualifications

• Although this role is fully remote working, applicants must be located in Argentina OR Portugal
• 2 - 6 Years of experience in GRC, security compliance, customer-facing security assurance or Audit roles
• Hands-on experience with at least one major compliance framework (SOC 2, ISO 27001, NIST CSF/800-53)
• Familiarity with standard questionnaire formats: SIG/SIG Lite, CAIQ, VSA, and custom enterprise assessments
• Proven experience in MS Office Suite
• Attention to detail
• Strong English communication skills (written and verbal) with the ability to utilize multiple communication methods and styles to best reach target audience
• Strong analytical skills and ability to problem-solve and operate with analytical ambiguity
• Exceptional organizational and time management skills
• Strong project management skills with the ability to manage relationships with internal stakeholders across product, legal, finance, and HR teams, as well as interact effectively with customers and customer success managers
• Relevant certifications such as CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), or CCSP (Certified Cloud Security Professional), or equivalent compliance/GRC certifications

Nice to have

• Experience with trust center platforms (SafeBase, Conveyor, TrustCloud) or GRC platforms (Vanta, Drata, ServiceNow GRC, HyperProof)
• Familiarity with data privacy regulations (e.g. GDPR, CCPA)

Why Datacamp? 

Joining DataCamp means becoming part of a dynamic, creative, and international start-up. Here are just a few of the reasons why you’ll love being on our team:

• Exciting challenges: Face new technical challenges daily, keeping your work engaging and rewarding.
• Competitive compensation: We offer a competitive salary with attractive benefits.
• Flexibility: Benefit from flexible working hours because the future is flexible! 
• Continuous learning: Access a yearly learning budget for conferences & training to support your professional growth.
• Global retreats: Participate in international company retreats, fostering a global team spirit.
• Equipment: Yearly refreshment of your IT Equipment budget for your home working setup.
• Amazing team: Collaborate with a truly exceptional team—seriously, we’re awesome!