Miro

Audit Program Manager

New York, NY, US

$2k
5 days ago

Summary

About The Team

The Security Stream is dedicated to fostering business growth and enduring customer trust by implementing advanced security measures. They develop balanced security strategies, providing assurance and empowering engineering teams with the necessary tools and guidance. This support covers secure cloud management, establishing secure development practices, and effectively detecting and mitigating security incidents.

A key part of this is the Trust & Information Security Team, which concentrates on maintaining the highest information security standards to safeguard the data and privacy of Miro's customers, employees, and stakeholders. This team manages business risks, ensures adherence to legal and regulatory requirements, and promotes a culture of security awareness. Additionally, they act as trusted compliance advisors to the Go-To-Market (GTM) teams, helping to enable and speed up strategic sales initiatives.

About The Role

We are seeking a highly motivated and experienced Audit Program Manager to lead and manage our security compliance audit programs, with a primary focus on NIST frameworks (e.g., NIST 800-53, CSF) and SOC2 Type II attestations. You will be responsible for the end-to-end lifecycle of audits, from planning and scoping to execution, remediation tracking, and reporting. This role requires a strong understanding of security controls, audit methodologies, risk management, and excellent program management skills.

You will work closely with cross-functional teams, including Engineering, Product (partnering with leaders like Kevin Le), IT, and Legal, to ensure controls are effectively designed, implemented, and operating. The ideal candidate will possess a blend of deep compliance expertise and a solid understanding of technical security concepts and cloud environments.

What You’ll Do

  • Audit Program Management: Lead the planning, execution, and completion of internal and external audits, including NIST assessments and SOC2 Type II examinations
  • Scoping & Planning: Define audit scope, objectives, timelines, and resource requirements in collaboration with stakeholders and external auditors
  • Control Assessment: Evaluate the design and operating effectiveness of security controls against NIST and SOC2 requirements
  • Evidence Collection: Coordinate and manage the collection, review, and submission of audit evidence from various teams across the organization
  • Remediation Tracking: Oversee the tracking and validation of remediation efforts for identified control deficiencies or gaps
  • Stakeholder Management: Serve as the primary point of contact for internal teams and external auditors regarding audit activities. Effectively communicate audit progress, findings, and remediation status to leadership
  • Cross-functional Collaboration: Work closely with Engineering, Product (specifically collaborating with teams led by Kevin Le), IT, and other departments to integrate compliance requirements into processes and systems
  • Policy & Procedure Development: Contribute to the development and refinement of security policies, standards, and procedures to ensure alignment with compliance frameworks
  • Risk Management: Assist in identifying, assessing, and mitigating security and compliance risks
  • Continuous Improvement: Identify opportunities to enhance the efficiency and effectiveness of the audit and compliance program, potentially leveraging automation and GRC tools
  • Reporting: Prepare clear and concise audit reports and dashboards for management and relevant stakeholders

What You’ll Need

  • Bachelor's degree in Information Systems, Computer Science, Business, or a related field, or equivalent practical experience
  • Proven experience (typically 5+ years) managing IT/security audit programs
  • Direct, hands-on experience managing the full lifecycle of SOC2 Type II audits
  • In-depth knowledge and practical experience applying NIST frameworks (e.g., NIST 800-53, NIST CSF)
  • Strong understanding of IT governance, risk management, and compliance (GRC) principles
  • Excellent program/project management skills, including planning, organization, and stakeholder communication
  • Ability to work effectively with technical and non-technical teams
  • Strong analytical and problem-solving skills
  • Excellent written and verbal communication skills

What's In It For You

  • 401k matching + Competitive equity package
  • Excellent Medical, Dental and Vision health benefits
  • Fertility & Family Forming Benefits
  • Flexible time off
  • Lunch, snacks and drinks provided in the office
  • Wellbeing benefit and WFH equipment allowance
  • Annual learning and development allowance to grow your skills and career
  • Up to $2,000 of charitable donation matches each year

The reasonably estimated salary range is specific to New York and may not be applicable to other locations. The range for this role is $155.000 to $232.000. Final compensation and total package components will be based on individual factors such as the candidate's skills, qualifications, and experience.

About Miro

Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 90M users worldwide, including 99% of the Fortune 100. Miro was founded in 2011 and currently has more than 1,600 employees in 12 hubs around the world.

We are a team of dreamers. We look for individuals who dream big, work hard, and above all stay humble. Collaboration is at the heart of what we do and through our work together we hope to create a supportive, welcoming, and innovative environment. We strive to play as a team to win the world and create a better version of ourselves every day. If this sounds like something that excites you, we want to hear from you!

Check Out More About Life At Miro

  • YouTube: https://www.youtube.com/@lifeatmiro
  • Blog: https://miro.com/careers/life-at-miro/all/
  • Instagram: https://www.instagram.com/mirohq/

At Miro, we strive to create and foster an environment of belonging and collaboration across cultural differences. Miro’s mission — Empower teams to create the next big thing — is how we think about our product, people, and culture. We believe that creating big things requires diverse and inclusive teams. Diversity invites all talent with different demography, identities and styles to step in, and inclusion invites them to step closer together. Every day, we are working to build a more diverse Miro, cultivate a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences.

Miro handles and uses personal data of job applicants in line with its Recruitment Privacy Policy found here.
