Audit Manager

About Us

Red Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies that are bringing revolutionary advancements to market in three distinct practice areas: healthcare, cyber, and national security. United by a shared sense of duty and deep belief in the power of innovation, Red Cell is developing powerful tools and solutions to address our Nation’s most pressing problems. 

About Andesite:

Cybersecurity analysts are drowning in an increasingly data-dense security environment. Teams are overburdened. The industry faces a dire talent shortage that threatens the resilience of both government and commercial organizations. 

Andesite is building the next generation cybersecurity analyst experience. Our mission is to supercharge the analysts protecting our country’s networks. When analysts work in our advanced AI security analytics platform, they can analyze decentralized data sets at scale and more quickly respond to threats. They become better and smarter, just by doing the things they’re already built to do. 

We have deep experience with this problem. Our team is born out of the security community and comes from a diverse range of backgrounds and experiences including the CIA, NSA, military, big tech, and start ups.  

We are backed by top investors like General Catalyst and Red Cell Partners. After raising a $15M seed round, we are rapidly scaling. 

Available Location: McLean, VA (hybrid) or Remote (in United States)

The Role:

Andesite is looking for an Audit Manager to join our Security & Compliance team to design, assess, and evaluate our information security and compliance controls, policies, and procedures. You will focus on ensuring our information assets meet rigorous third-party compliance requirements. You have a track record of successfully moving audits to successful closure. As the Audit Manager, you will ensure controls adequately protect and align with industry standards, regulations, and best practices—and more importantly, the controls maintain security measures appropriate for a software-as-a-service vendor.

What You’ll Do:

• Audit Management: Design and conduct detailed assessments and audits for FIPS and NIST 800-53 (Rev. 5), High category for FedRAMP High, and Trust Services Criteria for SOC 2. This includes conducting regular security audits and assessments to identify security controls and processes vulnerabilities and recommending improvements.
• Audit Development: Create and conduct quarterly internal audits to prepare for third-party and customer audits, focusing on security effectiveness and compliance requisites.
• Security by Design: Identify …