Overview
On Site
Depends on Experience
Accepts corp to corp applications
Contract - Independent
Contract - W2
No Travel Required
Skills
Risk Management
Policies and Procedures
Incident Management
Legal
Microsoft Azure
Network
Google Cloud Platform
ISACA
Documentation
Due Diligence
Endpoint Protection
Communication
Corrective And Preventive Action
Cyber Security
Data Security
Amazon Web Services
Analytical Skill
Auditing
CISA
CISSP
Cloud Computing
Evaluation
Google Cloud
Regulatory Compliance
Risk Assessment
ISO/IEC 27001:2005
IT Audit
Identity Management
PCI DSS
Presentations
System On A Chip
Technical Drafting
Testing
Job Details
Job Title: IT Auditor II
Location: Austin, TX
Duration: 5 MonthsJob DescriptionWe are seeking an experienced IT Auditor II to perform comprehensive audits of vendor IT and cybersecurity practices. The role involves reviewing vendor contracts, testing technical safeguards, identifying risks, and ensuring compliance with contractual, regulatory, and industry standards.Responsibilities:
Location: Austin, TX
Duration: 5 MonthsJob DescriptionWe are seeking an experienced IT Auditor II to perform comprehensive audits of vendor IT and cybersecurity practices. The role involves reviewing vendor contracts, testing technical safeguards, identifying risks, and ensuring compliance with contractual, regulatory, and industry standards.Responsibilities:
- Review vendor contracts, SLAs, and cybersecurity requirements to confirm compliance.
- Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
- Collect and analyze evidence including security policies, system configurations, logs, and access records.
- Conduct interviews with vendor personnel to assess security practices and governance.
- Perform control testing and sampling to verify effectiveness of safeguards.
- Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
- Prepare audit reports summarizing findings, risks, and corrective action recommendations.
- Track remediation efforts and validate closure of audit findings.
- Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.
- 5+ years Proven experience auditing controls against cybersecurity frameworks (NIST, ISO 27001, PCI-DSS, SOC 2) and knowledge of data protection laws, regulatory compliance, and third-party risk management.
- 5+ years Technical IT auditing, including evaluation of network protection, identity and access management, endpoint security, and incident response.
- 5+ years Strong communication skills for drafting audit reports, presenting findings to executives/legal stakeholders, and engaging vendors constructively.
- 5+ years Analytical and investigative skills to identify security gaps, assess risks, and recommend solutions.
- 4+ years Experience auditing third-party/vendor cybersecurity practices, including due diligence, contract compliance, and risk assessments.
- 3+ years Skilled at reviewing and validating security documentation, policies, and procedures for accuracy and completeness.
- 3+ years Experience auditing cloud environments (AWS, Azure, Google Cloud) including cloud-native controls and shared responsibility models.
- 3+ years Familiarity with incident response and breach assessment, including vendor remediation practices.
- 3+ years Ability to interpret legal/technical language in contracts to validate SLAs, IT, and cybersecurity obligations.
- 2+ years Experience auditing technology vendors in government or regulated industries.
- 2+ years Experience presenting technical findings to non-technical audiences, including executives and legal counsel.
- 1+ year Possession of at least one relevant certification (CISA, CISSP, CRISC, ISO 27001 Lead Auditor).
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.