Vendor Cybersecurity Auditor
Location: Austin, Texas (onsite and telework, must live locally)
Project Length: 3-6 months
About the Role
We are seeking a Vendor Cybersecurity Auditor to assess and ensure the security and compliance of our third-party this role you will evaluate cybersecurity controls, identify gaps, and ensure vendors meet their contractual obligations related to IT and security standards.
This is a critical position that plays a key role in protecting organizational data and managing third-party risk, ideal for someone who thrives in detail-driven environments, values evidence-based analysis, and is confident in interfacing with both technical and legal stakeholders.
Minimum Qualifications
- 5 years of experience auditing cybersecurity controls against NIST, ISO 27001, SOC 2, or PCI-DSS frameworks.
- 5 years of technical IT auditing experience, including assessment of network security, identity access management, endpoint protection, and incident response.
- Strong experience creating audit documentation and presenting findings to executives, legal, and technical teams.
- Demonstrated investigative and analytical skills in identifying risk and security gaps.
- 4 years of experience in third-party/vendor cybersecurity risk assessments and audits.
- 3 years reviewing security policies and documentation for completeness and accuracy.
- Experience auditing cloud-hosted environments (AWS, Azure, or GCP) and understanding of shared responsibility models.
- Familiarity with vendor incident response plans and breach assessments.
- Ability to interpret contracts and ensure alignment with SLAs and cybersecurity requirements.
- Experience auditing vendors in a government or regulated industry (e.g., courts, justice systems).
- Proven ability to present complex findings to executive or legal audiences.
- At least one relevant certification: CISA, CISSP, CRISC, or ISO 27001 Lead Auditor.
Key Responsibilities
- Review vendor contracts, SLAs, and cybersecurity-related requirements for compliance with contractual obligations.
- Evaluate vendor security controls against contractual terms and recognized industry standards (e.g., NIST, ISO 27001, SOC 2, PCI-DSS).
- Analyze documentation and technical evidence, including system configurations, access logs, and security policies.
- Conduct interviews with vendor personnel to assess their security practices and governance maturity.
- Perform sampling and control testing of administrative and technical safeguards.
- Identify control deficiencies and assess associated risks to the organization.
- Draft clear, professional audit reports summarizing findings, risks, and recommended remediations.
- Track remediation efforts and validate closure of findings.
- Collaborate with internal teams to ensure vendor risks are appropriately managed and escalated.
Why Join
- Contribute to an organization committed to data protection and vendor governance.
- Work in a supportive and collaborative environment with high visibility.
- Be part of a forward-looking cybersecurity team that values transparency and accountability.
- Opportunities for professional growth and continued learning.
Genius Road LLC is proud to be a Certified Women's Business Enterprise and an Equal Opportunity Employer, and values diversity. All employment is decided on the basis of qualifications, merit, and business need.