Assyst
ASSYST is seeking a skilled IT Auditor to support our client in Austin, TX.
Location: Austin, TX
Job Type: Contract (Corp to Corp/C2C or 1099)
Position: Hybrid
Job Overview
We are seeking an experienced IT Auditor with strong expertise in cybersecurity frameworks, technical IT auditing, and third-party/vendor risk assessments. The ideal candidate will have proven experience evaluating security controls, ensuring regulatory compliance, and providing actionable recommendations to senior leadership. This role requires a detail-oriented professional who can analyze risks, draft clear audit reports, and communicate effectively with technical and non-technical stakeholders.
Key Responsibilities
Perform IT and cybersecurity audits against established frameworks (NIST, ISO 27001, PCI-DSS, SOC 2).
Assess technical controls including network security, identity and access management, endpoint protection, and incident response.
Conduct vendor/third-party cybersecurity audits, risk assessments, and contract compliance reviews.
Review and validate security policies, documentation, and procedures for accuracy and completeness.
Draft audit reports and present findings to executive leadership, legal counsel, and stakeholders.
Provide evidence-based recommendations to remediate identified risks or control gaps.
Support evaluation of incident response plans, breach assessments, and remediation practices.
Collaborate cross-functionally with IT, security, legal, and vendor teams to ensure compliance.
Minimum Requirements
5+ years experience auditing cybersecurity controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards.
5+ years in IT auditing with focus on security controls (network, IAM, endpoint, incident response).
5+ years drafting audit reports, communicating findings, and engaging executive/legal stakeholders.
5+ years applying analytical and investigative skills to assess risk and recommend remediation.
4+ years auditing third-party/vendor risk, due diligence, and compliance.
3+ years reviewing policies, procedures, and security documentation.
3+ years auditing cloud environments (AWS, Azure, GCP).
3+ years incident response and breach assessment experience.
3+ years interpreting vendor contracts and SLAs for IT/cybersecurity obligations.
2+ years working with government or regulated industries.
2+ years presenting audit findings to executives and legal counsel.
1+ year holding a relevant certification: CISA, CISSP, CRISC, or ISO 27001 Lead Auditor.
ASSYST is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin or any other characteristic protected under federal, state, or applicable local law.