LEAD IT Auditor

Overview

Hybrid
$50 - $55
Contract - W2
Contract - 12 Month(s)

Skills

IT Auditor
Cybersecurity frameworks and compliance

Job Details

  • Review vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance with contractual obligations.
  • Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
  • Collect and analyze evidence such as security policies, system configurations, logs, and access records.
  • Conduct interviews with vendor personnel to assess security practices and governance.
  • Perform control testing and sampling to verify the effectiveness of technical and administrative safeguards.
  • Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
  • Prepare audit reports summarizing findings, risks, and recommended corrective actions.
  • Track remediation efforts and validate closure of audit findings.
  • Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.
  1. Candidate Skills and Qualifications

Minimum Requirements (Required):

  • 5 years Cybersecurity frameworks and compliance (NIST, ISO 27001, PCI-DSS, SOC 2, regulatory compliance, third-party risk management).
  • 5 years Technical IT auditing (security controls such as network protection, IAM, endpoint security, incident response).
  • 5 years Communication and reporting (audit report drafting, presenting to executives/legal, vendor engagement).
  • 5 years Analytical and investigative thinking for security gaps, risk analysis, and recommendations.
  • 4 years Third-party/vendor risk auditing (cybersecurity audits, due diligence, compliance).
  • 3 years Policy and documentation review (validating security procedures and control implementation).

Preferred Qualifications:

  • 3 years Cloud cybersecurity auditing (AWS, Azure, Google Cloud).
  • 3 years Incident response and breach assessment.
  • 3 years Contract and SLA compliance review.
  • 2 years Government or regulated industry auditing.
  • 2 years Executive presentations (technical findings to non-technical audiences).
  • 1 year Certifications (CISA, CISSP, CRISC, ISO 27001 Lead Auditor).
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.