Sign upLog in

IT Auditor

Lumen Solutions Group Inc

Austin, TX

Apply
JOB DETAILS
JOB TYPE
Full-time
SKILLS
Amazon Web Services (AWS), Analysis Skills, Auditing, CISA - Certified Information Systems Auditor, CISSP - Certified Information Systems Security Professional, Cloud Computing, Computer Security, Contract Analysis, Contract Requirements, Contract Review, Corrective Action, Design Evaluation, Desktop Administration, Desktop Virtualization, Diversity, Documentation, Documentation Review, Due Diligence, Endpoint Security, External Audit, Government, ISO (International Organization for Standardization), Identity Data Management, Incident Response, Industry Standards, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Internet Security, Interpret Regulations, Interviewing Skills, Laptop PC, Legal, Microsoft Windows Azure, Network Security, PCI-DSS, Regulatory Compliance, Reporting Skills, Risk, Risk Analysis, Risk Management, Security Analysis, Service Level Agreement (SLA), Software Administration, Systems Administration/Management, Testing, U.S. National Institute of Standards and Technology (NIST), Vendor/Supplier Evaluation, Vendor/Supplier Planning
LOCATION
Austin, TX
POSTED
30+ days ago
Job Description: Review vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance with contractual obligations. Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards. Collect and analyze evidence such as security policies, system configurations, logs, and access records. Conduct interviews with vendor personnel to assess security practices and governance. Perform control testing and sampling to verify the effectiveness of technical and administrative safeguards. Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks. Prepare audit reports summarizing findings, risks, and recommended corrective actions. Track remediation efforts and validate closure of audit findings. Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed. II. CANDIDATE SKILLS AND QUALIFICATIONS Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity. Years Required/Preferred Experience 5 Required Cybersecurity frameworks and compliance: Proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards, with working knowledge of current data protection laws, regulatory compliance, and third-party risk management practices. 5 Required Technical IT auditing: Strong ability to evaluate security controls such as network protection, identity access management, endpoint security, and incident response across modern IT environments. 5 Required Communication and reporting: Experienced in drafting audit reports, presenting findings to executive and legal stakeholders, and engaging vendors constructively. 5 Required Analytical and investigative thinking: Demonstrated ability to identify security gaps, assess risk impact, and make sound, evidence-based recommendations. 4 Required Third-party/vendor risk auditing: Hands-on experience conducting cybersecurity audits of external vendors, including due diligence, contract compliance, and risk assessments. 3 Required Policy and documentation review: Skilled at reviewing and validating security documentation, procedures, and control implementation for accuracy and completeness. 3 Preferred Cloud cybersecurity auditing: Experience auditing vendor environments hosted in AWS, Azure, or Google Cloud, including cloud-native controls and shared responsibility models. 3 Preferred Incident response and breach assessment: Familiarity with analyzing vendor incident response plans, reviewing past breaches, and evaluating remediation practices. 3 Preferred Contract interpretation and SLA compliance: Ability to interpret legal and technical language in vendor contracts to ensure proper implementation of SLAs, IT, and cybersecurity obligations. 2 Preferred Government or regulated industry experience: Background in auditing technology vendors serving courts. 2 Preferred Presentation to executives: Experience summarizing technical findings for non-technical audiences, including C-suite executives or legal counsel. 1 Preferred Certifications: At least one relevant certification (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor). ***Lumen and / or its clients will not provide equipment (Laptop, monitor, etc.) to the selected contractor. The contractor must have their own equipment. Access to a virtual desktop set up (software) will be provided by Lumens client, allowing the user access to the required systems and technology.*** Lumen Solutions Group Inc. is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.

About the Company

L

Lumen Solutions Group Inc