Cybersecurity Auditor
US-TX-Austin
careers
Req #: 7550
Type: Contract
|
|
|||||||||
|
||||||||||
Overview: Allied Consultants, Inc is a proudly Austin based firm with over 33 years of experience delivering top-tier technical and business professionals within Texas State Agencies. We are currently seeking an experience Cybersecurity Auditor to play a key role within a high-impact technical services team. At Allied Consultants, we value our consultants and are committed to providing an exceptional experience including: * Highly competitive pay rates * Local support staff for responsive, personal service * Comprehensive benefits package, including: * Medical insurance (with employer cost sharing) * Life insurance * A 401(K) plan with company match * Flexible spending through a cafeteria plan Candidates selected for interviews will be subject to a criminal background check and may be required to pass a drug screening, in compliance with federal and state regulations. All offers of employment are contingent upon successful completion of these checks. Allied Consultants is a proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Responsibilities: **Location of job: Hybrid, please note this is a Part-time job** * Review vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance with contractual obligations. * Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards. * Collect and analyze evidence such as security policies, system configurations, logs, and access records. * Conduct interviews with vendor personnel to assess security practices and governance. * Perform control testing and sampling to verify the effectiveness of technical and administrative safeguards. * Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks. * Prepare audit reports summarizing findings, risks, and recommended corrective actions. * Track remediation efforts and validate closure of audit findings. * Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed. Qualifications: Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity. Years Required/Preferred Experience 5 Required Cybersecurity frameworks and compliance: Proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards, with working knowledge of current data protection laws, regulatory compliance, and third-party risk management practices. 5 Required Technical IT auditing: Strong ability to evaluate security controls such as network protection, identity access management, endpoint security, and incident response across modern IT environments. 5 Required Communication and reporting: Experienced in drafting audit reports, presenting findings to executive and legal stakeholders, and engaging vendors constructively. 5 Required Analytical and investigative thinking: Demonstrated ability to identify security gaps, assess risk impact, and make sound, evidence-based recommendations. 4 Required Third-party/vendor risk auditing: Hands-on experience conducting cybersecurity audits of external vendors, including due diligence, contract compliance, and risk assessments. 3 Required Policy and documentation review: Skilled at reviewing and validating security documentation, procedures, and control implementation for accuracy and completeness. 3 Preferred Cloud cybersecurity auditing: Experience auditing vendor environments hosted in AWS, Azure, or Google Cloud, including cloud-native controls and shared responsibility models. 3 Preferred Incident response and breach assessment: Familiarity with analyzing vendor incident response plans, reviewing past breaches, and evaluating remediation practices. 3 Preferred Contract interpretation and SLA compliance: Ability to interpret legal and technical language in vendor contracts to ensure proper implementation of SLAs, IT, and cybersecurity obligations. 2 Preferred Government or regulated industry experience: Background in auditing technology vendors serving courts. 2 Preferred Presentation to executives: Experience summarizing technical findings for non-technical audiences, including C-suite executives or legal counsel. 1 Preferred Certifications: At least one relevant certification (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor).
Share this job:
