Overview
Skills
Job Details
Reply requested for below Job:
Below is the new requirement from the State of Texas (Office of Court Administration.)
IT Auditor II - Austin, TX - Hybrid - On Site and Telework - For State of Texas
The primary work location(s) will be at Office Location - 205 W 14th Street, Austin, TX 78701 - May require travel to other locations in TX..
The working position is Hybrid - On Site and Telework. Any and all travel, per diem, parking, and/or living expenses shall be at the Candidate's and/or Vendor's expense. Office of Court Administration
Job Summary
- Review vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance with contractual obligations.
- Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
- Collect and analyze evidence such as security policies, system configurations, logs, and access records.
- Conduct interviews with vendor personnel to assess security practices and governance.
- Perform control testing and sampling to verify the effectiveness of technical and administrative safeguards.
- Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
- Prepare audit reports summarizing findings, risks, and recommended corrective actions.
- Track remediation efforts and validate closure of audit findings.
- Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.
- CANDIDATE SKILLS AND QUALIFICATIONS
Minimum Requirements: | ||
Years | Required/Preferred | Experience |
5 | Required | Cybersecurity frameworks and compliance: Proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards, with working knowledge of current data protection laws, regulatory compliance, and third-party risk management practices. |
5 | Required | Technical IT auditing: Strong ability to evaluate security controls such as network protection, identity access management, endpoint security, and incident response across modern IT environments. |
5 | Required | Communication and reporting: Experienced in drafting audit reports, presenting findings to executive and legal stakeholders, and engaging vendors constructively. |
5 | Required | Analytical and investigative thinking: Demonstrated ability to identify security gaps, assess risk impact, and make sound, evidence-based recommendations. |
4 | Required | Third-party/vendor risk auditing: Hands-on experience conducting cybersecurity audits of external vendors, including due diligence, contract compliance, and risk assessments. |
3 | Required | Policy and documentation review: Skilled at reviewing and validating security documentation, procedures, and control implementation for accuracy and completeness. |
3 | Preferred | Cloud cybersecurity auditing: Experience auditing vendor environments hosted in AWS, Azure, or Google Cloud, including cloud-native controls and shared responsibility models. |
3 | Preferred | Incident response and breach assessment: Familiarity with analyzing vendor incident response plans, reviewing past breaches, and evaluating remediation practices. |
3 | Preferred | Contract interpretation and SLA compliance: Ability to interpret legal and technical language in vendor contracts to ensure proper implementation of SLAs, IT, and cybersecurity obligations. |
2 | Preferred | Government or regulated industry experience: Background in auditing technology vendors serving courts. |
2 | Preferred | Presentation to executives: Experience summarizing technical findings for non-technical audiences, including C-suite executives or legal counsel. |
1 | Preferred | Certifications: At least one relevant certification (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor). |
Regards,
VIJAY KUMAR A
Sr. Technical Recruiter
Contact: +1 Ext 119
vkm
Cynosure Technologies, LLC
2401 Fountain View D, STE 502, Houston TX 77057