Vendor Cybersecurity Auditor

Overview

Hybrid
Depends on Experience
Contract - W2
Contract - 6 Month(s)

Skills

Cloud Computing
Data Security
CISA
Regulatory Compliance
IT Audit
Incident Management
Testing
Risk Assessment
Cyber Security
NIST

Job Details

Vendor Cybersecurity Auditor Location: Austin, Texas (onsite and telework must live locally)
Project Length: 3-6+months
About the Role
We are seeking a Vendor Cybersecurity Auditor to assess and ensure the security and compliance of our third-party vendors. In this role, you will evaluate cybersecurity controls, identify gaps, and ensure vendors meet their contractual obligations related to IT and security standards.

This is a critical position that plays a key role in protecting organizational data and managing third-party risk ideal for someone who thrives in detail-driven environments, values evidence-based analysis, and is confident in interfacing with both technical and legal stakeholders.
Minimum Qualifications

  • 5+ years of experience auditing cybersecurity controls against NIST, ISO 27001, SOC 2, or PCI-DSS frameworks.
  • 5+ years of technical IT auditing experience, including assessment of network security, identity access management, endpoint protection, and incident response.
  • Strong experience creating audit documentation and presenting findings to executives, legal, and technical teams.
  • Demonstrated investigative and analytical skills in identifying risk and security gaps.
  • 4+ years of experience in third-party/vendor cybersecurity risk assessments and audits.
  • 3+ years reviewing security policies and documentation for completeness and accuracy.
  • Experience auditing cloud-hosted environments (AWS, Azure, or Google Cloud Platform) and understanding of shared responsibility models.
  • Familiarity with vendor incident response plans and breach assessments.
  • Ability to interpret contracts and ensure alignment with SLAs and cybersecurity requirements.
  • Experience auditing vendors in a government or regulated industry (e.g., courts, justice systems).
  • Proven ability to present complex findings to executive or legal audiences.
  • At least one relevant certification: CISA, CISSP, CRISC, or ISO 27001 Lead Auditor.

Key Responsibilities

  • Review vendor contracts, SLAs, and cybersecurity-related requirements for compliance with contractual obligations.
  • Evaluate vendor security controls against contractual terms and recognized industry standards (e.g., NIST, ISO 27001, SOC 2, PCI-DSS).
  • Analyze documentation and technical evidence including system configurations, access logs, and security policies.
  • Conduct interviews with vendor personnel to assess their security practices and governance maturity.
  • Perform sampling and control testing of administrative and technical safeguards.
  • Identify control deficiencies and assess associated risks to the organization.
  • Draft clear, professional audit reports summarizing findings, risks, and recommended remediations.
  • Track remediation efforts and validate closure of findings.
  • Collaborate with internal teams to ensure vendor risks are appropriately managed and escalated.

Why Join

  • Contribute to an organization committed to data protection and vendor governance.
  • Work in a supportive and collaborative environment with high visibility.
  • Be part of a forward-looking cybersecurity team that values transparency and accountability.
  • Opportunities for professional growth and continued learning.

Genius Road, LLC is proud to be a Certified Women s Business Enterprise, an Equal Opportunity Employer and values diversity. All employment is decided on the basis of qualifications, merit and business need.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.