IT Auditor Lead

Austin, TX - USA

Monthly Salary: Not Disclosed

Posted on: 9 hours ago

Vacancies: 1 Vacancy

Job Summary

Role: IT Auditor Lead

Location: Austin TX 78741 (On-site with Hybrid)

Duration: Long Term Contract

Job Description:
We are seeking a highly motivated and talented individual to join our cybersecurity team at the Texas Office of the Attorney General (TxOAG) as an IT Auditor. The IT Auditor is responsible for providing independent assurance over the organizations information technology and cybersecurity control environment. The role supports risk management regulatory compliance and the overall effectiveness of cybersecurity governance.

Responsibilities may include but are not limited to:

Plan execute and report on IT and cybersecurity audits to assess the effectiveness of security controls risk management practices and compliance with policies and regulations
Evaluate the design and operating effectiveness of cybersecurity controls across areas such as identity and access management network security endpoint protection cloud security and data protection
Conduct risk assessments and control testing aligned to recognized frameworks (e.g. NIST CSF ISO 27001 CIS Controls COBIT)
Assess compliance with applicable regulatory and contractual requirements (e.g. SOX PCI DSS HIPAA GDPR SOC reports internal policies)
Review vulnerability management incident response disaster recovery and business continuity processes to ensure preparedness and resilience
Collaborate closely with GRC and business stakeholders to understand systems processes and compliance
Identify control gaps root causes and risk implications and develop clear actionable audit findings and recommendations
Track and validate remediation efforts to ensure timely and effective resolution of audit issues
Support third-party risk assessments including reviews of vendor security controls and SOC reports
Stay current on evolving regulatory changes and industry best practices to continuously enhance audit approaches
Contribute to the continuous improvement of audit methodologies tools and automation techniques
Prepare and present audit results to management and when required senior leadership or audit committees.
The above job description and requirements are general in nature and may be subject to change based on the specific needs and requirements of the organization and project.

II. Candidate skills and qualifications:

Minimum Requirements:	.	Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity
Years	Required/Preferred	Experience
8	Required	Plan conduct and document IT and cybersecurity audits in accordance with approved audit methodologies and professional standards.
8	Required	Evaluate the design and operating effectiveness of information security controls across systems networks applications cloud environments and data platforms.
8	Required	Assess cybersecurity risks and controls in alignment with recognized frameworks and standards
8	Required	Perform testing to assess compliance with applicable laws regulations contractual obligations and internal policies.
8	Required	Review and assess processes related to identity and access management vulnerability management incident response disaster recovery and business continuity.
8	Required	Identify control deficiencies assess risk impact and develop clear well-supported audit findings and recommendations.
8	Required	Prepare formal audit reports that communicate results conclusions and remediation requirements to management.
8	Required	Monitor track and validate management remediation plans to ensure timely and effective resolution of audit issues.
8	Required	Ability to resolve complex security issues in diverse and decentralized environments; to learn communicate and teach new information and security technologies; and to communicate effectively.
8	Required	Conduct forensic investigations on cyberattacks to determine how they occurred and how they can be prevented in the future.
3	Preferred	CISSP PMP certifications

Role: IT Auditor Lead Location: Austin TX 78741 (On-site with Hybrid) Duration: Long Term Contract Job Description: We are seeking a highly motivated and talented individual to join our cybersecurity team at the Texas Office of the Attorney General (TxOAG) as an IT Auditor. The IT Auditor is respo...

Role: IT Auditor Lead

Location: Austin TX 78741 (On-site with Hybrid)

Duration: Long Term Contract

Responsibilities may include but are not limited to:

Plan execute and report on IT and cybersecurity audits to assess the effectiveness of security controls risk management practices and compliance with policies and regulations
Evaluate the design and operating effectiveness of cybersecurity controls across areas such as identity and access management network security endpoint protection cloud security and data protection
Conduct risk assessments and control testing aligned to recognized frameworks (e.g. NIST CSF ISO 27001 CIS Controls COBIT)
Assess compliance with applicable regulatory and contractual requirements (e.g. SOX PCI DSS HIPAA GDPR SOC reports internal policies)
Review vulnerability management incident response disaster recovery and business continuity processes to ensure preparedness and resilience
Collaborate closely with GRC and business stakeholders to understand systems processes and compliance
Identify control gaps root causes and risk implications and develop clear actionable audit findings and recommendations
Track and validate remediation efforts to ensure timely and effective resolution of audit issues
Support third-party risk assessments including reviews of vendor security controls and SOC reports
Stay current on evolving regulatory changes and industry best practices to continuously enhance audit approaches
Contribute to the continuous improvement of audit methodologies tools and automation techniques
Prepare and present audit results to management and when required senior leadership or audit committees.
The above job description and requirements are general in nature and may be subject to change based on the specific needs and requirements of the organization and project.

II. Candidate skills and qualifications:

Minimum Requirements:	.	Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity
Years	Required/Preferred	Experience
8	Required	Plan conduct and document IT and cybersecurity audits in accordance with approved audit methodologies and professional standards.
8	Required	Evaluate the design and operating effectiveness of information security controls across systems networks applications cloud environments and data platforms.
8	Required	Assess cybersecurity risks and controls in alignment with recognized frameworks and standards
8	Required	Perform testing to assess compliance with applicable laws regulations contractual obligations and internal policies.
8	Required	Review and assess processes related to identity and access management vulnerability management incident response disaster recovery and business continuity.
8	Required	Identify control deficiencies assess risk impact and develop clear well-supported audit findings and recommendations.
8	Required	Prepare formal audit reports that communicate results conclusions and remediation requirements to management.
8	Required	Monitor track and validate management remediation plans to ensure timely and effective resolution of audit issues.
8	Required	Ability to resolve complex security issues in diverse and decentralized environments; to learn communicate and teach new information and security technologies; and to communicate effectively.
8	Required	Conduct forensic investigations on cyberattacks to determine how they occurred and how they can be prevented in the future.
3	Preferred	CISSP PMP certifications