BorderlessMind

IT Auditor II

BorderlessMind

full-time

Posted on:

Location Type: Office

Location: Austin • Texas • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud Platform

About the role

  • Review vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance
  • Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards
  • Collect and analyze evidence such as security policies, system configurations, logs, and access records
  • Conduct interviews with vendor personnel to assess security practices and governance
  • Perform control testing and sampling to verify the effectiveness of technical and administrative safeguards
  • Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks
  • Prepare audit reports summarizing findings, risks, and recommended corrective actions
  • Track remediation efforts and validate closure of audit findings
  • Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed
  • Present findings to executives and legal teams and engage vendors for remediation

Requirements

  • 5 years of experience required in evaluating vendor cybersecurity controls, contractual compliance, and third-party risk management
  • Proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards
  • 5 years of experience in technical IT auditing (network protection, identity access management, endpoint security, incident response)
  • 5 years of experience in communication and reporting (drafting audit reports, presenting to executives and legal stakeholders)
  • 5 years of experience in analytical and investigative thinking
  • 4 years of experience in third-party/vendor risk auditing (due diligence, contract compliance, risk assessments)
  • 3 years of experience in policy and documentation review
  • 3 years preferred in cloud cybersecurity auditing (AWS, Azure, GCP)
  • 3 years preferred in incident response and breach assessment
  • 3 years preferred in contract interpretation and SLA compliance
  • 2 years preferred in government or regulated industry experience (auditing vendors serving courts)
  • 2 years preferred in presentation to executives
  • 1 year preferred in relevant certifications (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor)
  • Hands-on experience with cloud security audits (AWS, Azure, GCP)
Benefits
  • Advanced training to be successful and professional development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
vendor cybersecurity controlscontractual compliancethird-party risk managementauditing controlsNISTISO 27001PCI-DSSSOC 2technical IT auditingcloud cybersecurity auditing
Soft skills
analytical thinkinginvestigative thinkingcommunicationreportingpresentation skillscoordinationinterpersonal skillsgovernance assessmentrisk assessmentremediation tracking
Certifications
CISACISSPCRISCISO 27001 Lead Auditor