Every day we tackle new and exciting challenges to empower developers to build modern cloud, mobile, and edge applications that deliver a premium user experience. Couchbase delivers unmatched performance, scalability, flexibility and financial value across cloud, on premises, hybrid, mobile and edge deployments. The database market is undergoing a generational shift and is one of the largest market opportunities in enterprise software due to big trends like the need for digital transformation, acceleration to the cloud and innovation at the edge. Join Couchbase to be a part of a greater change. Here you’ll have the opportunity to learn and grow with some of the most innovative, passionate and humble individuals in the database industry.
At Couchbase, we are in an exciting stage of rapid growth and innovation. As a key member of our Governance, Risk, and Compliance (GRC) team, the IT Auditor plays a crucial role in safeguarding our assets, ensuring compliance, and driving continuous improvement to support the company's ambitious expansion. You'll have the opportunity to learn new skills, grow your career, and work alongside a team of the smartest, most passionate people in the industry.
Location Required: Eastern Canada
Responsibilities
- Oversee the execution of the Information Security Management System (ISMS) audit process, including planning, conducting, and reporting on annual and ad-hoc audits.
- Collaborate with both internal stakeholders and external auditors to ensure smooth and frictionless audits.
- Collaborate with cross-functional teams to gain exposure to various aspects of the business, broadening your skillset and unlocking opportunities for professional development.
- Issue and oversee the resolution of non-conformities identified during audits, providing recommendations to improve the control posture and align ISMS policies with industry best practices.
- Administer and manage the GRC tool to effectively and efficiently run the audits. Map controls across various frameworks to optimize and automate the audit process to achieve productivity gains.
- Assist with the development and delivery of security awareness and training programs for internal teams, fostering a culture of security and compliance.
- Review supplier security questionnaires and conduct third-party risk assessments for new systems and services to ensure compliance with relevant standards.
- Participate in the management of security incidents, including root cause analysis, corrective actions, and final report reviews.
- Plan, design, execute, report, and communicate phishing campaigns to improve organizational resilience.
- Conduct annual risk assessments and maintain the information security risk register, providing strategic insights to the GRC team.
- Demonstrate strong multi-tasking and time management skills to effectively prioritize and deliver on multiple assignments and deadlines.
- Review and document information security standards, controls, processes, internal and external audit outcomes for continuous improvement of Couchbase Compliance program.
- Provide regular and timely status reports on ongoing projects and Information Security Management System (ISMS) activities, ensuring effective communication and progress tracking.
Required Skills and Qualifications:
- Bachelor's degree from an accredited college or university, or equivalent experience
- 5+ years of internal and external audit planning and execution experience preferably in a well known auditing firm.
- Able to explain control requirements to control owners who might be non-technical or at management level.
- Proven expertise in conducting root cause analyses and implementing effective corrective actions
- Excellent verbal and written communication skills, with a strong focus on attention to detail and quality of work
- Independant, energetic, self-starter with keen initiative and a focus on continuous improvement of GRC processes
- Strong relationship-building, interpersonal skills, and aptitude for working in a team environment
- Critical thinking and strong analytical skills with the ability to analyze and interpret results into actionable recommendations
- Certification in Internal Auditing (e.g., CIA, CISA) or Information Security (e.g., CISSP, CISM) is preferred.
- Experience with GRC automation and management tools.
- Required: Strong hands-on experience implementing information security standards (such as ISO 27001, NIST, SOC 2, HIPAA, and PCI-DSS)
- Required: ISO 27001 Lead auditor certification
- Desirable: Experience implementing HITRUST and FedRAMP
- Experience in developing policy, process, and procedure documents.
- Business Continuity Planning certification from an accredited institution is an asset.
Why Couchbase?
Modern customer experiences need a flexible cloud database platform that can power applications spanning from cloud to edge and everything in between. Couchbase’s mission is to simplify how developers and architects develop, deploy and consume modern applications wherever they are. We have reimagined the database with our fast, flexible and affordable cloud database platform Capella, allowing organizations to quickly build applications that deliver premium experiences to their customers– all with best-in-class price performance. More than 30% of the Fortune 100 trust Couchbase to power their modern applications and build innovative new ones. See our recent awards to learn why Couchbase is a great place to work.We are honored to be a part of the Best Places to Work Award for the Bay Area and the UK. Couchbase offers a total rewards approach to benefits that recognizes the value you create here, so that you in turn may best serve yourself and your family. Some benefits include:
- Generous Time Off Program - Flexibility to care for you and your family
- Wellness Benefits - A variety of world class medical plans to choose from, along with dental, vision, life insurance, and employee assistance programs*
- Financial Planning - RSU equity program*, ESPP program*, Retirement program* and Business Travel Insurance
- Career Growth - Be valued, Create value approach
- Fun Perks - A Monthly Lifestyle Spending Account credit, an ergonomic and comfortable in-office / WFH setup. Food & Snacks for in-office employees.
- And much more!
*Note: some programs are not applicable to all countries. Please discuss with a Couchbase recruiter to learn more.
Learn more about Couchbase:
News and Press Releases
Couchbase Capella
Couchbase Blog
Investors
Disclaimer:
Couchbase is committed to being an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Join an impact initiative group and experience the amazing feeling of Couchbase can-do culture.
By using this website and submitting your information, you acknowledge our Candidate Privacy Notice and understand your personal information may be processed in accordance with our Candidate Privacy Notice following guidelines in your country of application.
What We Do
Unlike other NoSQL databases, Couchbase provides an enterprise-class, multicloud to edge database that offers the robust capabilities required for business-critical applications on a highly scalable and available platform. Couchbase is built on open standards, combining the best of NoSQL with the power and familiarity of SQL, to simplify the transition from mainframe and relational databases.
