IT AUDITOR - Cybersecurity Job at Jobs via Dice in Austin

ALIS Software is seeking an IT Auditor 2 for a long-term position in Austin, TX. The role involves reviewing vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance with contractual obligations.

Responsibilities include:

• Evaluating the design and implementation of vendor cybersecurity controls against contractual and industry standards.
• Collecting and analyzing evidence such as security policies, system configurations, logs, and access records.
• Conducting interviews with vendor personnel to assess security practices and governance.
• Performing control testing and sampling to verify the effectiveness of technical and administrative safeguards.
• Identifying gaps, deficiencies, or non-compliance in vendor controls and assessing associated risks.
• Preparing audit reports summarizing findings, risks, and recommended corrective actions.
• Tracking remediation efforts and validating closure of audit findings.
• Coordinating with internal stakeholders to ensure vendor risks are communicated and addressed.

Minimum Requirements:

• 5 years of experience in cybersecurity frameworks and compliance, with proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards.
• 5 years of experience in technical IT auditing, with a strong ability to evaluate security controls such as network protection, identity access management, endpoint security, and incident response.
• 5 years of experience in communication and reporting, with experience drafting audit reports, presenting findings to executive and legal stakeholders, and engaging vendors constructively.
• 5 years of experience in analytical and investigative thinking, with demonstrated ability to identify security gaps, assess risk impact, and make sound, evidence-based recommendations.
• 4 years of experience in third-party/vendor risk auditing, with hands-on experience conducting cybersecurity audits of external vendors.
• 3 years of experience in policy and documentation review, with skill in reviewing and validating security documentation, procedures, and control implementation for accuracy and completeness.

Preferred qualifications include experience in cloud cybersecurity auditing, incident response and breach assessment, contract interpretation and SLA compliance, government or regulated industry experience, presentation to executives, and relevant certifications (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor).

Equal Employment Opportunity statement: [Note: The original text did not contain an explicit EEO statement, but it is essential to include one in the refined description.] ALIS Software is an equal opportunities employer and welcomes applications from diverse candidates.