Rose International is hiring: Vendor Cybersecurity Auditor in Austin
Rose International, Austin, TX, United States, 78716
Overview
We are seeking a skilled and detail-oriented Vendor Cybersecurity Auditor to assess and validate the cybersecurity posture of third-party vendors. This role involves reviewing contracts, evaluating technical controls, conducting audits, and ensuring compliance with industry standards and regulatory requirements. The ideal candidate will have a strong background in cybersecurity auditing, vendor risk management, and technical evaluation of IT environments.
Responsibilities
- Review vendor contracts, SLAs, and cybersecurity requirements to confirm compliance.
- Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
- Collect and analyze evidence such as security policies, system configurations, logs, and access records.
- Conduct interviews with vendor personnel to assess security practices and governance.
- Perform control testing and sampling to verify the effectiveness of safeguards.
- Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
- Prepare audit reports summarizing findings, risks, and recommended corrective actions.
- Track remediation efforts and validate closure of audit findings.
- Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.
Key Details:
- Date Posted: 09/28/2025
- Hiring Organization: Rose International
- Position Number: 489185
- Industry: Government
- Job Title: Vendor Cybersecurity Auditor
- Job Location: Austin, TX, USA, 78701
- Work Model: Hybrid (Hybrid schedule to be determined)
- Shift: M-F, 8-5
- Employment Type: Temporary
- FT/PT: Full-Time
- Estimated Duration: 10 months
- Min Hourly Rate: 70.00
- Max Hourly Rate: 78.00
Qualifications
- Must Have Skills/Attributes: Auditor, AWS, Azure, Contract Management, Cybersecurity, Google Cloud
- Nice To Have: CISA, CISSP, CRISC, State Agency experience
- Experience Desired:
  - Auditing NIST, ISO 27001, PCI-DSS, or SOC 2 standards; knowledge of data protection (5 yrs)
  - Auditing third-party risk management (5 yrs)
  - Evaluate controls such as network protection, IAM, endpoint security, and incident response (5 yrs)
  - Drafting audit reports and presenting findings to stakeholders (5 yrs)
  - Proven ability to identify gaps, assess risks, and recommend actions (5 yrs)
  - Experience with AWS, Azure, or Google Cloud Platform environments and shared responsibility models (3 yrs)
  - Conducting cybersecurity audits of external vendors (4 yrs)
- Required Minimum Education: Associate’s Degree
- Preferred Education: Bachelor’s Degree
- Other: C2C is not available; Candidate must be local in Austin, TX
Experience Requirements
- Minimum:
  - 5 years – Cybersecurity frameworks and compliance: Experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards; knowledge of data protection laws and third-party risk management.
  - 5 years – Technical IT auditing: Ability to evaluate controls such as network protection, IAM, endpoint security, and incident response.
  - 5 years – Communication and reporting: Skilled in drafting audit reports and presenting findings to executive/legal stakeholders.
  - 5 years – Analytical and investigative thinking: Proven ability to identify gaps, assess risks, and recommend actions.
  - 4 years – Third-party/vendor risk auditing: Experience conducting cybersecurity audits of external vendors.
  - 3 years – Policy and documentation review: Skilled in reviewing security documentation and control implementation.
- Preferred:
  - 3 years – Cloud cybersecurity auditing: Experience with AWS, Azure, or Google Cloud Platform environments and shared responsibility models.
  - 3 years – Incident response and breach assessment: Familiarity with vendor incident response plans and breach evaluations.
  - 3 years – Contract interpretation and SLA compliance: Ability to interpret legal/technical language in contracts.
  - 2 years – Government or regulated industry experience: Auditing vendors serving courts or similar entities.
  - 2 years – Presentation to executives: Experience summarizing technical findings for non-technical audiences.
  - 1 year – Certifications: Possession of at least one relevant certification (e.g., CISA, CISSP, CRISC, ISO 27001 Lead Auditor).
Benefits and Equal Opportunity
Benefits: For information and details on employment benefits offered with this position, please visit here. If you have questions, contact our HR Department via our secure website.
California Pay Equity: For information and details on pay equity laws in California, please visit the State of California Department of Industrial Relations’ website here.
Equal Opportunity Employer: Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity or expression, national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.
Assistance: If you need assistance in completing this application or during any phase of the process, please contact our HR Department.
U.S. Homeland Security E-Verify: Rose International has an official agreement (ID #132522) with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify).