IT Auditor 2

Overview

On Site
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 17 day((s))

Skills

UI
Information Technology
Microsoft
Tier 1
Recruiting
Training
Partnership
Project Scoping
Testing
PCI DSS
System On A Chip
Data Security
Risk Management
IT Audit
Security Controls
Network
Identity Management
Endpoint Protection
Communication
Reporting
Technical Drafting
Analytical Skill
Due Diligence
Risk Assessment
Document Review
Documentation
Amazon Web Services
Microsoft Azure
Google Cloud Platform
Google Cloud
Cloud Computing
Incident Management
SLA
Regulatory Compliance
Cyber Security
Auditing
Presentations
Legal
CISA
CISSP
ISACA
ISO/IEC 27001:2005
Oracle Linux

Job Details

CCS Global Tech is a rapidly growing Information Technology company with a diverse portfolio of technology products and services and a large network of industry partnerships. With over 22 years of being a successful business with a global talent pool and presence, CCS is a certified Microsoft Gold Partner and specializes in delivering expert Microsoft based solutions for technical and business needs. We have been recognized by Inc. 500 Magazine as one of the fastest growing small companies in the Unites States.
we are a Tier 1 vendor for the City and County of San Francisco for Cloud Services, Staffing Services and Training Services. For this multi-year opportunity with a diverse set of needs to address, we are currently focusing on establishing partnerships with individuals as well as companies who can help us enhance our overall service portfolio, cut lead times, and ultimately help us deliver successfully. We currently hold sizable Government accounts in the San Francisco bay area including City and County of San Francisco, San Mateo County, and Santa Clara County.
We take great pride in our global reach and local influence. Your experience alongside our highly skilled and talented internal team who guide you along the way, offers key insights into what helps you stand out in a competitive job market.
If you are a partner company, please submit resumes with contact information of your own W2 Consultants only. Submitted consultants are expected to have excellent communication skills.

Project Scope: The Client is looking for IT Auditor 2

Roles/Responsibilities:

  • Review vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance with contractual obligations.
  • Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
  • Collect and analyze evidence such as security policies, system configurations, logs, and access records.
  • Conduct interviews with vendor personnel to assess security practices and governance.
  • Perform control testing and sampling to verify the effectiveness of technical and administrative safeguards.
  • Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
  • Prepare audit reports summarizing findings, risks, and recommended corrective actions.
  • Track remediation efforts and validate closure of audit findings.
  • Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.

Mandatory Skills:

  1. 5 year of experience: Cybersecurity frameworks and compliance: Proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards, with working knowledge of current data protection laws, regulatory compliance, and third-party risk management practices.
  2. 5 year of experience: Technical IT auditing: Strong ability to evaluate security controls such as network protection, identity access management, endpoint security, and incident response across modern IT environments.
  3. 5 year of experience: Communication and reporting: Experienced in drafting audit reports, presenting findings to executive and legal stakeholders, and engaging vendors constructively.
  4. 5 year of experience: Analytical and investigative thinking: Demonstrated ability to identify security gaps, assess risk impact, and make sound, evidence-based recommendations.
  5. 4 year of experience: Third-party/vendor risk auditing: Hands-on experience conducting cybersecurity audits of external vendors, including due diligence, contract compliance, and risk assessments.
  6. 3 year of experience: Policy and documentation review: Skilled at reviewing and validating security documentation, procedures, and control implementation for accuracy and completeness.

Desirable Skills:

  1. 3 Year of experience- Cloud cybersecurity auditing: Experience auditing vendor environments hosted in AWS, Azure, or Google Cloud, including cloud-native controls and shared responsibility models.
  2. 3 Years of experience- Incident response and breach assessment: Familiarity with analyzing vendor incident response plans, reviewing past breaches, and evaluating remediation practices.
  3. 3 Years of experience- Contract interpretation and SLA compliance: Ability to interpret legal and technical language in vendor contracts to ensure proper implementation of SLAs, IT, and cybersecurity obligations.
  4. 2 Years of experience- Government or regulated industry experience: Background in auditing technology vendors serving courts.
  5. 2 Years of experience- Presentation to executives: Experience summarizing technical findings for non-technical audiences, including C-suite executives or legal counsel.
  6. 1 Year of experience- Certifications: At least one relevant certification (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor).
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About CCS Global Tech