Currently Empty: $0.00
IT Auditor (Cybersecurity)
$150K/Yr - $180K/Yr
Remote
Posted 2 weeks ago
Job Description
We are seeking a detail-oriented IT Auditor (Cybersecurity) to evaluate the effectiveness of information technology controls, cybersecurity practices, and regulatory compliance across enterprise systems and cloud environments. The successful candidate will conduct risk-based IT audits, assess security controls, identify vulnerabilities, and provide recommendations to strengthen the organization’s cybersecurity posture.
This role works closely with Information Security, IT Operations, Risk Management, Compliance, Internal Audit, and business stakeholders to ensure compliance with industry standards, regulatory requirements, and organizational security policies. The ideal candidate has experience with cybersecurity frameworks, cloud technologies, IT governance, and audit methodologies.
Key Responsibilities
- Plan, execute, and document IT and cybersecurity audits across enterprise systems, applications, networks, and cloud environments.
- Evaluate the effectiveness of IT General Controls (ITGC), application controls, logical access controls, and cybersecurity controls.
- Assess compliance with industry standards and regulatory frameworks including NIST CSF, ISO/IEC 27001, SOC 2, PCI DSS, HIPAA, SOX, CIS Controls, and GDPR (where applicable).
- Perform risk assessments to identify security, operational, and compliance risks.
- Review identity and access management (IAM), privileged access management (PAM), and user access controls.
- Audit cloud environments (AWS, Microsoft Azure, and Google Cloud Platform) to verify secure configurations and governance.
- Evaluate vulnerability management, patch management, endpoint security, backup, disaster recovery, and business continuity controls.
- Review security monitoring processes, SIEM logs, incident response procedures, and security operations.
- Identify control deficiencies, document audit findings, and recommend practical remediation plans.
- Prepare detailed audit reports and present findings to management and business stakeholders.
- Track remediation activities and validate corrective actions.
- Support internal and external audits, regulatory examinations, and compliance assessments.
- Collaborate with cybersecurity, infrastructure, DevOps, and compliance teams to improve security controls.
- Monitor changes in cybersecurity regulations, audit standards, and emerging threats.
- Maintain audit documentation in accordance with professional auditing standards and organizational policies.
Required Qualifications
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Accounting, or a related field.
- 3+ years of experience in IT Audit, Information Security, Cybersecurity, Risk Management, or Compliance.
- Strong understanding of IT General Controls (ITGC), risk assessment, and internal control frameworks.
- Knowledge of cybersecurity principles, network security, cloud security, and identity management.
- Experience auditing cloud platforms such as AWS, Azure, or Google Cloud Platform.
- Familiarity with regulatory frameworks including SOX, SOC 2, ISO 27001, NIST CSF, PCI DSS, HIPAA, and CIS Controls.
- Experience with vulnerability management and security assessment tools.
- Strong analytical, problem-solving, and documentation skills.
- Excellent written and verbal communication skills.
Preferred Qualifications
- Experience with Governance, Risk, and Compliance (GRC) platforms such as Archer, ServiceNow GRC, AuditBoard, or OneTrust.
- Familiarity with SIEM platforms such as Splunk, Microsoft Sentinel, QRadar, or LogRhythm.
- Knowledge of DevSecOps, CI/CD pipelines, and secure software development practices.
- Experience with data privacy regulations and third-party risk assessments.
- Previous experience supporting external audits or regulatory examinations.
- Understanding of Zero Trust Architecture and cloud-native security controls.
Technical Skills
Cybersecurity & Audit
- IT General Controls (ITGC)
- Cybersecurity Auditing
- Risk Assessment
- Internal Controls
- Information Security
- Security Compliance
- Governance, Risk & Compliance (GRC)
Compliance Frameworks
- NIST Cybersecurity Framework (CSF)
- ISO/IEC 27001
- SOC 2
- PCI DSS
- HIPAA
- SOX (Sarbanes-Oxley)
- CIS Controls
- COBIT
- GDPR (preferred)
Cloud Technologies
- Amazon Web Services (AWS)
- Microsoft Azure
- Google Cloud Platform (GCP)
Security Tools
- Splunk
- Microsoft Sentinel
- IBM QRadar
- Nessus
- Qualys
- Tenable
- Microsoft Defender
- CrowdStrike
GRC & Audit Tools
- ServiceNow GRC
- Archer
- AuditBoard
- OneTrust
Other Technical Skills
- Active Directory
- Identity & Access Management (IAM)
- Privileged Access Management (PAM)
- SQL (Basic)
- Microsoft Excel
- Power BI (Preferred)
- Jira
- Confluence
Preferred Certifications
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
- CompTIA Security+
- ISO/IEC 27001 Lead Auditor
- Certified Internal Auditor (CIA)
Soft Skills
- Strong analytical and critical thinking skills.
- Excellent written and verbal communication.
- Attention to detail and accuracy.
- Problem-solving and investigative mindset.
- Time management and organizational skills.
- Ability to work independently and collaboratively.
- Stakeholder management and presentation skills.
- High ethical standards and professionalism.
- Adaptability to evolving technologies and regulations.
- Continuous learning and process improvement.
Preferred Industries
- Financial Services & FinTech
- Healthcare & HealthTech
- Technology & SaaS
- Cloud Computing
- Cybersecurity
- Government & Public Sector
- Insurance
- Telecommunications
- Retail & E-commerce
- Consulting
Benefits
- Competitive salary and annual performance bonus.
- Medical, dental, and vision insurance.
- Paid time off (PTO) and company holidays.
- Flexible remote/hybrid work options.
- Life and disability insurance.
- Professional certification reimbursement.
- Learning and development programs.
- Employee wellness initiatives.
- Career advancement opportunities.
Job Features
| Job Category | Cyber Security and AI |




