Overview
On Site
Hybrid
USD 70.00 per hour
Full Time
Skills
Recruiting
Contract Management
PCI DSS
System On A Chip
Data Security
IT Audit
Network
Endpoint Protection
Communication
Reporting
Technical Drafting
Analytical Skill
Document Review
Documentation
Cloud Computing
Amazon Web Services
Microsoft Azure
Google Cloud Platform
Google Cloud
Incident Management
SLA
Legal
Presentations
CISA
CISSP
ISACA
ISO/IEC 27001:2005
Attention To Detail
Risk Management
Evaluation
Cyber Security
Testing
Regulatory Compliance
Auditing
Job Details
Date Posted: 09/28/2025
Hiring Organization: Rose International
Position Number: 489185
Industry: Government
Job Title: Vendor Cybersecurity Auditor
Job Location: Austin, TX, USA, 78701
Work Model: Hybrid
Work Model Details: Hybrid schedule to be determined
Shift: M-F, 8-5
Employment Type: Temporary
FT/PT: Full-Time
Estimated Duration (In months): 10
Min Hourly Rate($): 70.00
Max Hourly Rate($): 78.00
Must Have Skills/Attributes: Auditor, AWS, Azure, Contract Management, Cybersecurity, Google Cloud
Nice To Have Skills/Attributes: CISA, CISSP, CRISC, State Agency experience
Experience Desired: Auditing NIST, ISO 27001, PCI-DSS, or SOC 2 standards; knowledge of data protection. (5 yrs); Auditing third-party risk management (5 yrs); Evaluate controls such as network protection, IAM, endpoint security, and incident response. (5 yrs); Drafting audit reports and presenting findings to stakeholders (5 yrs); Proven ability to identify gaps, assess risks, and recommend actions (5 yrs); Experience with AWS, Azure, or Google Cloud Platform environments and shared responsibility models (3 yrs); Conducting cybersecurity audits of external vendors. (4 yrs)
Required Minimum Education: Associate's Degree
Preferred Education: Bachelor's Degree
**C2C is not available**
Job Description
***Candidate must be local in Austin, TX***
Minimum Requirements:
5 years - Cybersecurity frameworks and compliance: Experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards; knowledge of data protection laws and third-party risk management.
5 years - Technical IT auditing: Ability to evaluate controls such as network protection, IAM, endpoint security, and incident response.
5 years - Communication and reporting: Skilled in drafting audit reports and presenting findings to executive/legal stakeholders.
5 years - Analytical and investigative thinking: Proven ability to identify gaps, assess risks, and recommend actions.
4 years - Third-party/vendor risk auditing: Experience conducting cybersecurity audits of external vendors.
3 years - Policy and documentation review: Skilled in reviewing security documentation and control implementation.
Preferred Skills/Experience:
3 years - Cloud cybersecurity auditing: Experience with AWS, Azure, or Google Cloud Platform environments and shared responsibility models.
3 years - Incident response and breach assessment: Familiarity with vendor incident response plans and breach evaluations.
3 years - Contract interpretation and SLA compliance: Ability to interpret legal/technical language in contracts.
2 years - Government or regulated industry experience: Auditing vendors serving courts or similar entities.
2 years - Presentation to executives: Experience summarizing technical findings for non-technical audiences.
1 year - Certifications: Possession of at least one relevant certification (e.g., CISA, CISSP, CRISC, ISO 27001 Lead Auditor).
We are seeking a skilled and detail-oriented Vendor Cybersecurity Auditor to assess and validate the cybersecurity posture of third-party vendors. This role involves reviewing contracts, evaluating technical controls, conducting audits, and ensuring compliance with industry standards and regulatory requirements. The ideal candidate will have a strong background in cybersecurity auditing, vendor risk management, and technical evaluation of IT environments.
Responsibilities:
Review vendor contracts, SLAs, and cybersecurity requirements to confirm compliance.
Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
Collect and analyze evidence such as security policies, system configurations, logs, and access records.
Conduct interviews with vendor personnel to assess security practices and governance.
Perform control testing and sampling to verify the effectiveness of safeguards.
Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
Prepare audit reports summarizing findings, risks, and recommended corrective actions.
Track remediation efforts and validate closure of audit findings.
Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.
Benefits:
For information and details on employment benefits offered with this position, please visit here. Should you have any questions/concerns, please contact our HR Department via our secure website.
California Pay Equity:
For information and details on pay equity laws in California, please visit the State of California Department of Industrial Relations' website here.
Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender (expression or identity), national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.
If you need assistance in completing this application, or during any phase of the application, interview, hiring, or employment process, whether due to a disability or otherwise, please contact our HR Department.
Rose International has an official agreement (ID #132522), effective June 30, 2008, with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify). (Posting required by OCGA 13/10-91.).
Hiring Organization: Rose International
Position Number: 489185
Industry: Government
Job Title: Vendor Cybersecurity Auditor
Job Location: Austin, TX, USA, 78701
Work Model: Hybrid
Work Model Details: Hybrid schedule to be determined
Shift: M-F, 8-5
Employment Type: Temporary
FT/PT: Full-Time
Estimated Duration (In months): 10
Min Hourly Rate($): 70.00
Max Hourly Rate($): 78.00
Must Have Skills/Attributes: Auditor, AWS, Azure, Contract Management, Cybersecurity, Google Cloud
Nice To Have Skills/Attributes: CISA, CISSP, CRISC, State Agency experience
Experience Desired: Auditing NIST, ISO 27001, PCI-DSS, or SOC 2 standards; knowledge of data protection. (5 yrs); Auditing third-party risk management (5 yrs); Evaluate controls such as network protection, IAM, endpoint security, and incident response. (5 yrs); Drafting audit reports and presenting findings to stakeholders (5 yrs); Proven ability to identify gaps, assess risks, and recommend actions (5 yrs); Experience with AWS, Azure, or Google Cloud Platform environments and shared responsibility models (3 yrs); Conducting cybersecurity audits of external vendors. (4 yrs)
Required Minimum Education: Associate's Degree
Preferred Education: Bachelor's Degree
**C2C is not available**
Job Description
***Candidate must be local in Austin, TX***
Minimum Requirements:
5 years - Cybersecurity frameworks and compliance: Experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards; knowledge of data protection laws and third-party risk management.
5 years - Technical IT auditing: Ability to evaluate controls such as network protection, IAM, endpoint security, and incident response.
5 years - Communication and reporting: Skilled in drafting audit reports and presenting findings to executive/legal stakeholders.
5 years - Analytical and investigative thinking: Proven ability to identify gaps, assess risks, and recommend actions.
4 years - Third-party/vendor risk auditing: Experience conducting cybersecurity audits of external vendors.
3 years - Policy and documentation review: Skilled in reviewing security documentation and control implementation.
Preferred Skills/Experience:
3 years - Cloud cybersecurity auditing: Experience with AWS, Azure, or Google Cloud Platform environments and shared responsibility models.
3 years - Incident response and breach assessment: Familiarity with vendor incident response plans and breach evaluations.
3 years - Contract interpretation and SLA compliance: Ability to interpret legal/technical language in contracts.
2 years - Government or regulated industry experience: Auditing vendors serving courts or similar entities.
2 years - Presentation to executives: Experience summarizing technical findings for non-technical audiences.
1 year - Certifications: Possession of at least one relevant certification (e.g., CISA, CISSP, CRISC, ISO 27001 Lead Auditor).
We are seeking a skilled and detail-oriented Vendor Cybersecurity Auditor to assess and validate the cybersecurity posture of third-party vendors. This role involves reviewing contracts, evaluating technical controls, conducting audits, and ensuring compliance with industry standards and regulatory requirements. The ideal candidate will have a strong background in cybersecurity auditing, vendor risk management, and technical evaluation of IT environments.
Responsibilities:
Review vendor contracts, SLAs, and cybersecurity requirements to confirm compliance.
Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
Collect and analyze evidence such as security policies, system configurations, logs, and access records.
Conduct interviews with vendor personnel to assess security practices and governance.
Perform control testing and sampling to verify the effectiveness of safeguards.
Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
Prepare audit reports summarizing findings, risks, and recommended corrective actions.
Track remediation efforts and validate closure of audit findings.
Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.
- **Only those lawfully authorized to work in the designated country associated with the position will be considered.**
- **Please note that all Position start dates and duration are estimates and may be reduced or lengthened based upon a client's business needs and requirements.**
Benefits:
For information and details on employment benefits offered with this position, please visit here. Should you have any questions/concerns, please contact our HR Department via our secure website.
California Pay Equity:
For information and details on pay equity laws in California, please visit the State of California Department of Industrial Relations' website here.
Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender (expression or identity), national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.
If you need assistance in completing this application, or during any phase of the application, interview, hiring, or employment process, whether due to a disability or otherwise, please contact our HR Department.
Rose International has an official agreement (ID #132522), effective June 30, 2008, with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify). (Posting required by OCGA 13/10-91.).
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.