Overview
Skills
Job Details
I d love to review your profile for this opportunity. Could you please share an updated copy of your resume with me at ? Once you send it, feel free to give me a quick call at so we can discuss the role further.
Kindly ensure your resume reflects the required criteria this will give me an extra edge in presenting your profile strongly to the client.
Looking forward to your response!
Job Title: IT Security Auditor
Location: Austin, TX (Hybrid)
Open for C2C as well.
Job Summary
We are seeking an experienced IT Security & Compliance Auditor to join our team in Austin, TX. The ideal candidate will have a strong background in cybersecurity frameworks, IT auditing, vendor risk management, and regulatory compliance. This role requires both technical expertise and the ability to communicate effectively with executive stakeholders, legal teams, and third-party vendors.
Key Responsibilities
- Audit security controls against frameworks such as NIST, ISO 27001, PCI-DSS, and SOC 2.
- Evaluate IT security controls including network protection, identity & access management, endpoint security, and incident response.
- Conduct third-party/vendor risk audits, including due diligence, contract compliance, and risk assessments.
- Review policies, documentation, and procedures for accuracy and completeness.
- Draft audit reports, present findings to executive and legal stakeholders, and engage vendors to ensure compliance.
- Identify security gaps, assess risks, and recommend evidence-based remediation strategies.
- Participate in cloud environment audits (AWS, Azure, Google Cloud Platform), assessing cloud-native controls and shared responsibility models.
- Evaluate incident response and breach remediation plans of third-party vendors.
- Interpret contracts and SLAs to validate IT and cybersecurity obligations.
- Prepare and deliver presentations of technical findings for C-suite and non-technical audiences
Required/ | Skills/Experience |
Required | Cybersecurity frameworks and compliance: Proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards, with working knowledge of current data protection laws, regulatory compliance, and third-party risk management practices. |
Required | Technical IT auditing: Strong ability to evaluate security controls such as network protection, identity access management, endpoint security, and incident response across modern IT environments. |
Required | Communication and reporting: Experienced in drafting audit reports, presenting findings to executive and legal stakeholders, and engaging vendors constructively. |
Required | Analytical and investigative thinking: Demonstrated ability to identify security gaps, assess risk impact, and make sound, evidence-based recommendations. |
Required | Third-party/vendor risk auditing: Hands-on experience conducting cybersecurity audits of external vendors, including due diligence, contract compliance, and risk assessments. |
Required | Policy and documentation review: Skilled at reviewing and validating security documentation, procedures, and control implementation for accuracy and completeness. |
Preferred | Cloud cybersecurity auditing: Experience auditing vendor environments hosted in AWS, Azure, or Google Cloud, including cloud-native controls and shared responsibility models. |
Preferred | Incident response and breach assessment: Familiarity with analyzing vendor incident response plans, reviewing past breaches, and evaluating remediation practices. |
Preferred | Contract interpretation and SLA compliance: Ability to interpret legal and technical language in vendor contracts to ensure proper implementation of SLAs, IT, and cybersecurity obligations. |
Preferred | Government or regulated industry experience: Background in auditing technology vendors serving courts. |
Preferred | Presentation to executives: Experience summarizing technical findings for non-technical audiences, including C-suite executives or legal counsel. |
Preferred | Certifications: At least one relevant certification (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor). |