Genius Road, LLC is hiring: Vendor Cybersecurity Auditor #2945 in Austin

Vendor Cybersecurity Auditor

Location: Austin, Texas (onsite and telework – must live locally)

Project Length: 3-6+ months

About the Role

We are seeking a Vendor Cybersecurity Auditor to assess and ensure the security and compliance of our third-party vendors. In this role, you will evaluate cybersecurity controls, identify gaps, and ensure vendors meet their contractual obligations related to IT and security standards.

This is a critical position that plays a key role in protecting organizational data and managing third-party risk — ideal for someone who thrives in detail-driven environments, values evidence-based analysis, and is confident in interfacing with both technical and legal stakeholders.

Minimum Qualifications

• 5+ years of experience auditing cybersecurity controls against NIST, ISO 27001, SOC 2, or PCI-DSS frameworks.
• 5+ years of technical IT auditing experience, including assessment of network security, identity access management, endpoint protection, and incident response.
• Strong experience creating audit documentation and presenting findings to executives, legal, and technical teams.
• Demonstrated investigative and analytical skills in identifying risk and security gaps.
• 4+ years of experience in third-party/vendor cybersecurity risk assessments and audits.
• 3+ years reviewing security policies and documentation for completeness and accuracy.
• Experience auditing cloud-hosted environments (AWS, Azure, or GCP) and understanding of shared responsibility models.
• Familiarity with vendor incident response plans and breach assessments.
• Ability to interpret contracts and ensure alignment with SLAs and cybersecurity requirements.
• Experience auditing vendors in a government or regulated industry (e.g., courts, justice systems).
• Proven ability to present complex findings to executive or legal audiences.
• At least one relevant certification: CISA, CISSP, CRISC, or ISO 27001 Lead Auditor.

Key Responsibilities

• Review vendor contracts, SLAs, and cybersecurity-related requirements for compliance with contractual obligations.
• Evaluate vendor security controls against contractual terms and recognized industry standards (e.g., NIST, ISO 27001, SOC 2, PCI-DSS).
• Analyze documentation and technical evidence including system configurations, access logs, and security policies.
• Conduct interviews with vendor personnel to assess their security practices and governance maturity.
• Perform sampling and control testing of administrative and technical safeguards.
• Identify control deficiencies and assess associated risks to the organization.
• Draft clear, professional audit reports summarizing findings, risks, and recommended remediations.
• Track remediation efforts and validate closure of findings.
• Collaborate with internal teams to ensure vendor risks are appropriately managed and escalated.

Why Join

• Contribute to an organization committed to data protection and vendor governance.
• Work in a supportive and collaborative environment with high visibility.
• Be part of a forward-looking cybersecurity team that values transparency and accountability.
• Opportunities for professional growth and continued learning.

Genius Road, LLC is proud to be a Certified Women’s Business Enterprise, an Equal Opportunity Employer and values diversity. All employment is decided on the basis of qualifications, merit and business need.