Vendor Cybersecurity Auditor #2945

Remote Full-time
About the position

We are seeking a Vendor Cybersecurity Auditor to assess and ensure the security and compliance of our third-party vendors. In this role, you will evaluate cybersecurity controls, identify gaps, and ensure vendors meet their contractual obligations related to IT and security standards. This is a critical position that plays a key role in protecting organizational data and managing third-party risk — ideal for someone who thrives in detail-driven environments, values evidence-based analysis, and is confident in interfacing with both technical and legal stakeholders.

Responsibilities
• Review vendor contracts, SLAs, and cybersecurity-related requirements for compliance with contractual obligations.
• Evaluate vendor security controls against contractual terms and recognized industry standards (e.g., NIST, ISO 27001, SOC 2, PCI-DSS).
• Analyze documentation and technical evidence including system configurations, access logs, and security policies.
• Conduct interviews with vendor personnel to assess their security practices and governance maturity.
• Perform sampling and control testing of administrative and technical safeguards.
• Identify control deficiencies and assess associated risks to the organization.
• Draft clear, professional audit reports summarizing findings, risks, and recommended remediations.
• Track remediation efforts and validate closure of findings.
• Collaborate with internal teams to ensure vendor risks are appropriately managed and escalated.

Requirements
• 5+ years of experience auditing cybersecurity controls against NIST, ISO 27001, SOC 2, or PCI-DSS frameworks.
• 5+ years of technical IT auditing experience, including assessment of network security, identity access management, endpoint protection, and incident response.
• Strong experience creating audit documentation and presenting findings to executives, legal, and technical teams.
• Demonstrated investigative and analytical skills in identifying risk and security gaps.
• 4+ years of experience in third-party/vendor cybersecurity risk assessments and audits.
• 3+ years reviewing security policies and documentation for completeness and accuracy.
• Experience auditing cloud-hosted environments (AWS, Azure, or GCP) and understanding of shared responsibility models
• Familiarity with vendor incident response plans and breach assessments.
• Ability to interpret contracts and ensure alignment with SLAs and cybersecurity requirements.
• Experience auditing vendors in a government or regulated industry (e.g., courts, justice systems).
• Proven ability to present complex findings to executive or legal audiences.
• At least one relevant certification: CISA, CISSP, CRISC, or ISO 27001 Lead Auditor.

Benefits
• Contribute to an organization committed to data protection and vendor governance.
• Work in a supportive and collaborative environment with high visibility.
• Be part of a forward-looking cybersecurity team that values transparency and accountability.
• Opportunities for professional growth and continued learning.

Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

[Work From Home] Healthcare Customer Service Representative

Remote

Experienced Data Entry Professional for Fully Remote Opportunity at blithequark

Remote

**Experienced Full Stack Data Entry Operator – Web & Cloud Application Development**

Remote

PPC/SEO Specialist

Remote

Amazon Delivery Driver

Remote

**Director of Customer Success – Driving Revenue Growth and Customer Delight at blithequark**

Remote

Strategic Account Executive

Remote

SAP JVA Functional Consultant-German Speaking -Remote with Travel

Remote

Immediately Need Academic Tutor/Behavioral Coach - Escondido in Escondido, CA

Remote

**Experienced Customer Service Representative – Remote Work Opportunity with arenaflex**

Remote
← Back