About CertPro
CertPro CPA LLC is a licensed, AICPA peer review-enrolled CPA firm specializing in independent compliance audit and attestation services. Our engagements span SOC 2 (Type 1 & 2), ISO 27001, ISO 42001, ISO 27701, HIPAA, and GDPR frameworks. We operate strictly as an independent auditor — not an implementation or consulting provider — serving technology companies, SaaS platforms, and enterprises globally.
Location: On-Site (Bangalore) | Experience: 2+ Years | Type: Full-Time | Department: Audit Team
Key Responsibilities
- Participate as an active member of the audit team in external compliance engagements covering ISO 27001, SOC 2, and related frameworks.
- Evaluate the design and operating effectiveness of IT security controls against applicable standards and criteria.
- Review client-submitted evidence, identify gaps, and document findings.
- Draft clear, professional audit documentation including test procedures, deficiency write-ups, and audit reports.
- Communicate audit findings, information requests, and timelines to clients in a concise and professional manner.
- Stay current with evolving compliance standards, threat landscapes, and industry best practices.
Minimum Qualifications
- ISO 27001 Lead Auditor certification (mandatory).
- Minimum 2 years of hands-on experience in ISO 27001, SOC 2, or Cybersecurity audits as part of an external audit team.
- Demonstrated knowledge of IT security controls, risk management principles, and control frameworks.
- Strong written and verbal communication skills; ability to produce clear, professional correspondence and audit documentation.
Skills & Competencies
- IT Security Controls: Deep understanding of access management, vulnerability management, change management, encryption, and incident response.
- Communication: Ability to interact professionally with clients, articulate audit requirements, and present findings without ambiguity.
- AI Tools: Comfort using AI-assisted tools for research, drafting, and audit workflow enhancement.
- Analytical Thinking: Capacity to evaluate evidence critically and exercise sound professional judgment.
- Attention to Detail: Precision in documentation, cross-referencing evidence, and maintaining audit trails.
