CrawlJobs Logo

Cyber Auditor

United States, Fairfax · Job Posted April 16, 2026
Apply Position
Job Link Share

Job Description

We are seeking an experienced Cyber Auditor to join our technology-based program supporting a key government customer. As a Cyber Auditor, you will play a critical role in maintaining the operational security posture for an enterprise IT program.

Job Responsibility

  • Monitors security tools, assesses threats, and risks involving client infrastructure
  • Provides vulnerability scans, reports, and metrics to Security, Program, and Customer management
  • Helps determine current risks, provides mitigations strategies, and communicates with system owners, data owners, and security management to ensure risks are appropriately identified and mitigated within operational schedules
  • Follows standard operating procedures for detecting, classifying, and reporting incidents under the supervision of the SOC Manager and in partnership with Tier 3 SOC Analysts

Requirements

  • Experience in vulnerability scanners, report generation, and effective communication with leadership is required
  • Experience in technical writing, using Security and Incident Event Management (SIEM) technologies, Intrusion Detection/Prevention Systems (IDS/IPS), host-based intrusion detection systems (HIDS), network mapping, and Linux is preferred
  • Must have (or complete within 90 days of hire) one of the following certifications: Security+, CEH, GCIA, CISSP or similar
  • Candidate must have a total of 7 years of work experience. The experience can be a combination of degree and work history. This can be a High School degree and 7 years of work history OR an Associate’s and 5 years, a Bachelors’ and 5 years, a master’s and 1 years or a PhD and 0 years of work history
  • Position requires active Security Clearance with appropriate Polygraph

What we offer

  • Healthcare Coverage + Insurance: Medical: Three (3) rich healthcare options through CareFirst with 100% or majority company-paid premiums. Tax-advantaged health savings account available with generous employer contribution. Dental + Vision: 100% employer-paid for employees and family, with a buy-up option available
  • Retirement + Savings: 401K – 10% TOTAL CONTRIBUTION – 5% safe harbor – 5% annual profit share (both immediately vested!)
  • Paid Time Off + More: 4 weeks starting PTO – 11 federal holidays + 2 floating holidays – Paid hours for company-required training
  • Career Growth + Development: Access to FREE 24/7 learning via Udemy – Opportunities to participate in tech councils, industry initiatives, etc. – $7,500 annual Educational & Professional Development Assistance
  • MORE BENEFITS…FOR EVERY LIFESTYLE! – Paid parental leave – Annual swag drops – Flexible work schedules -Generous referral bonus program – Employee appreciation + family-friendly corporate events …and much more

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Cyber Auditor

8 matching positions

Principal Auditor - Cyber, Risk and Analysis Technology Audit

Capital One is seeking an energetic, self-motivated Principal Technology Associa...
Location
Location
United States , McLean, Virginia; Charlotte, North Carolina; Richmond, Virginia; Plano, Texas; New York, New York
Salary
Salary:
119400.00 - 163500.00 USD / Year
capitalone.com Logo
Capital One
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree or military experience
  • At least 4 years of experience in information systems auditing, information systems risk management, information technology (operations, software delivery, access management, microservices), information security (application security, network security, cyber security, data protection), or a combination
  • At least 1 year of experience in cloud computing and controls (design, operation, risk management, or auditing)
  • At least 2 years of experience in managing components of audit engagements, project management or a combination
  • At least 2 years of experience in analyzing data extracts to identify trends, patterns, and anomalies, including 1 year of experience in test scripting or coding (writing, reviewing, assessing)
Job Responsibility
Job Responsibility
  • Execute major components of audits, including critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application, and third-party management, as well as the ability to assist in leading components of small to medium size audits
  • Perform risk assessments of business units and technology operations, design and execute audit procedures to verify the effectiveness of existing controls, identify and define issues, review and analyze evidence, and document client processes and procedures
  • Understand the broader context and implications (e.g., financial, legal, reputational, etc.) of the various types of risk affecting the business and critical technology functions
  • Establishes and maintains good client relations during engagements. Communicates or assists in communicating the results of some audit projects to management via written reports and oral presentations
  • Identify expectations of the client and take actions to support the client experience
  • Prepare clear, organized and complete documentation to support work performed
  • Self prioritize and effectively plan own work activities managing multiple priorities and tasks across the team to deliver quality results
  • Coordinate with others and proactively take on additional work
  • Deliver appropriate, succinct and organized information, tailoring communication style to audience
  • Effectively communicate information, issues and audit progress to teammates, clients and auditor-in-charge
What we offer
What we offer
  • Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits
  • Fulltime
Read More
Arrow Right

Principal Auditor- Cyber, Risk and Analysis Technology Audit

Capital One’s Audit function is a dedicated group of professionals focused on de...
Location
Location
United States , McLean
Salary
Salary:
119400.00 - 163500.00 USD / Year
capitalone.com Logo
Capital One
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree or military experience
  • At least 4 years of experience in information technology (operations, software delivery, access management, microservices), information security (application security, network security, cyber security, data protection), information systems risk management, information systems auditing, or a combination
  • At least 1 year of experience in cloud computing and controls (design, operation, risk management, or auditing)
  • At least 2 years of experience in managing components of audit engagements, project management or a combination
  • At least 2 years of experience in analyzing data extracts to identify trends, patterns, and anomalies, including 1 year of experience in test scripting or coding (writing, reviewing, assessing)
Job Responsibility
Job Responsibility
  • Execute major components of audits, including critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application, and third-party management, as well as the ability to assist in leading components of small to medium size audits
  • Perform risk assessments of business units and technology operations, design and execute audit procedures to verify the effectiveness of existing controls, identify and define issues, review and analyze evidence, and document client processes and procedures
  • Understand the broader context and implications (e.g., financial, legal, reputational, etc.) of the various types of risk affecting the business and critical technology functions
  • Establishes and maintains good client relations during engagements
  • Communicates or assists in communicating the results of some audit projects to management via written reports and oral presentations
  • Identify expectations of the client and take actions to support the client experience
  • Prepare clear, organized and complete documentation to support work performed
  • Self prioritize and effectively plan own work activities managing multiple priorities and tasks across the team to deliver quality results
  • Coordinate with others and proactively take on additional work
  • Deliver appropriate, succinct and organized information, tailoring communication style to audience
What we offer
What we offer
  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits
  • Fulltime
Read More
Arrow Right

Cyber Security Consultant - Third Party Auditor

Cyber Security Consultant - Third-Party Auditor - £500-£550 per day - Inside IR3...
Location
Location
United Kingdom , Gloucester
Salary
Salary:
Not provided
morson.com Logo
Morson Talent
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Practical working knowledge of international standards and information security frameworks (ISO27001, ISO27017, GDPR, Cyber Essentials Plus), including auditing control design and operating effectiveness against these frameworks
  • Proven experience conducting end-to-end audits or formal assurance reviews within a regulated environment (planning, walkthroughs, control testing, evidence validation, reporting and follow-up)
  • Experience assessing third-party or supplier environments
  • Understanding of HMG Security Policy Framework and NCSC/CPNI guidance and how to test compliance through audit evidence
  • Awareness of information security threats, risks and common control failures
  • Experience applying risk assessment methodologies (ISO27005, NIST, IRAM2) to support audit scoping and risk-rating of findings
  • Strong documentation and report writing skills - able to produce structured audit reports containing observations, root cause analysis and defensible conclusions
  • Ability to challenge stakeholders constructively and obtain sufficient appropriate audit evidence
  • Excellent written and verbal communication skills
  • Strong analytical mindset, professional scepticism, attention to detail and persistence
Job Responsibility
Job Responsibility
  • Plan and scope third-party audits based on risk, regulatory requirements and contractual obligations
  • Conduct audit walkthroughs and structured control interviews
  • Test design and operating effectiveness of security controls
  • Perform sampling and traceability testing across processes and systems
  • Obtain, validate and challenge audit evidence (e.g. logs, system extracts, configurations, tickets, approvals)
  • Assess compliance against ISO27001, ISO27017, GDPR, Cyber Essentials Plus and relevant sector frameworks
  • Identify control weaknesses and determine root causes
  • Form clear, risk-rated findings with practical recommendations
  • Produce structured audit reports suitable for senior governance review and regulatory scrutiny
  • Track and verify remediation actions through to closure
  • Fulltime
Read More
Arrow Right
New

Financial Analyst

Financial Analyst. Chennai, Tamil Nadu. Contract. Job Category: Finance & Econom...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
August 27, 2026
Flip Icon
Requirements
Requirements
  • Experienced in conducting IT audits that includes conducting and leading IT audits, risk assessments, and compliance reviews with a focus on IT controls
  • A solid understanding of information technology systems, infrastructure, and security is crucial. This includes knowledge of network architecture, operating systems, databases, cloud computing, cybersecurity principles, and IT governance frameworks (e.g., COBIT, ITIL)
  • Experience in performing risk assessments, identifying IT risks, and developing risk mitigation strategies is essential.This role should have a solid understanding of risk management principles and be able to apply them to IT audit processes effectively
  • Excellent communication skills are necessary to effectively communicate complex technical concepts to non-technical stakeholders, including senior management and executives. The IT Auditor should be able to articulate audit findings, risks, and recommendations clearly and concisely in both written reports and verbal presentations
  • Strong analytical and critical-thinking abilities are essential for analyzing complex IT systems, identifying control weaknesses, and assessing potential risks. The IT Audit Manager should be skilled in using data analysis techniques and tools to draw insights from large volumes of IT data
  • Keeping up-to-date with emerging technologies, industry trends, and regulatory changes is crucial for an IT Audit Manager
  • The IT Auditor must maintain the highest standards of professional ethics and integrity. They should adhere to auditing standards and confidentiality requirements, handle sensitive information with care, and maintain impartiality and objectivity throughout the audit process
  • Experience 7-15years
Job Responsibility
Job Responsibility
  • Prioritize controls and assist in Audit Planning
  • Perform compliance reviews, enterprise security audits (both application and infrastructure) which involves: Verify IT General, application and cyber security controls to ensure effective delivery of functional processes within operations to mitigate risks. Verify technology risk management processes, application development and deployment processes, database management, vendor management, etc. Publish reports with actions and provide closure guidance as needed
  • Prepare high quality audit planning memo and Risk Control Matrix (RCM), workpaper documentation, manage discussion with stakeholders
  • Apply guidance from enterprise policies and procedures and control testing industry best practices in workpaper documentation and effective challenge
  • Lead walkthroughs with control owners/1st LOD testers to obtain a sufficient understanding of the design effectiveness and operating effectiveness of the control
  • Design and execute testing procedures to evaluate the effectiveness of controls related to technology risks
  • Responsible to identify control gaps and communicate findings and control redesign recommendations to Management/Clients
  • Prepare Dashboards and reports as directed by the delivery lead on time
  • Fulltime
Read More
Arrow Right
New

Engineer - Information Security

In this role, you will serve as a key individual contributor on our Security Arc...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
commscope.com Logo
CommScope
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 4 years of cyber security experience, demonstrating increased responsibility and success in each role. A bachelor's degree or equivalent professional experience
  • Hands-on experience in implementing and supporting at least 2 security capabilities (firewalls, CASB, SSE, DLP, SIEM, endpoint, vulnerability scanning, PKI, MFA, CSPM, etc.)
  • Previous professional experience in other IT / technical domains and communicating relevant domain information with a non-technical audience
  • Proven analytical and critical thinking skills
  • Strong interpersonal, written, and oral communication skills
  • Demonstrated customer service and solution-focused orientation
  • Ambitious and disciplined. Self-starter, able to manage one's own time and juggle competing tasks, proactively seeking prioritization and guidance when needed
Job Responsibility
Job Responsibility
  • Implement, maintain, monitor, and manage cyber security systems and controls
  • Deliver projects on time, within budget and in accordance with service level agreements (SLAs)
  • Work in tandem with architects, senior engineers, the security operations center (SOC), incident responders (in cases of anomalous activity and host compromise), and technology infrastructure and development team members
  • Participate regularly change management meetings
  • Conduct performance and efficacy testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted
  • Collaborate with other team members to develop technical security standards and best practices across various security domains
  • socialize and evangelize to other technology teams
  • Articulate common practices and tactics used by malicious software and threat actors, along with associated remediation, to other IT teams
  • Assist members of the Governance, Risk, and Compliance team to answer technical questions from auditors and clients
  • Fulltime
Read More
Arrow Right
New

Ai Compliance And Governance Specialist

At Sabio Group, we're building the next generation of AI-powered customer experi...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
sabiogroup.com Logo
Sabio Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrable experience in AI compliance, AI governance or AI risk — either as a dedicated focus or as a major component of a broader compliance, legal, infosec, cyber or engineering role that you've since pivoted toward AI
  • Strong working knowledge of the EU AI Act and a clear understanding of how risk classification, obligations and timelines apply to real-world AI systems
  • Familiarity with ISO/IEC 42001, ISO/IEC 27001 and SOC 2 Type II — what they require, how they interlock, and how to evidence compliance in practice
  • A genuine grasp of the core principles of modern AI: LLMs, prompt engineering, context engineering, retrieval-augmented generation, and agentic frameworks — enough to challenge engineers credibly and apply governance to what's actually being built, not a generic abstraction of it
  • Hands-on experience using AI tooling as part of your day job — using AI co-work / copilots to draft, review, analyse and accelerate your own output
  • Awareness of bias, hallucination, prompt-injection, data leakage and misuse risks in deployed AI systems, with practical experience helping to mitigate them
  • Excellent written and verbal communication — able to draft a board-grade policy, run a workshop, brief a customer auditor and write a sharp internal memo
  • Ability to run meetings, bring groups together and drive outcomes across geographically dispersed teams and different business functions
  • Comfort with high-pace, multi-stakeholder environments — motivated, flexible, and able to build effective working relationships across cultures and time zones
  • A passion for raising the bar in others — coaching, enabling and growing AI governance literacy across the organisation
Job Responsibility
Job Responsibility
  • Customer Solution Assurance: Review and assure the AI solutions we deliver to customers against EU AI Act obligations, ISO 42001 controls, customer-specific regulatory requirements and Sabio's internal standards
  • Partner with delivery teams during discovery, design and deployment to ensure bias, hallucination, prompt-injection, misuse and other AI-specific risks are identified and mitigated by design — not patched in later
  • Support pre-sales and customer conversations on compliance posture, certifications and responsible AI commitments
  • Policy, Procedure & Strategy: Draft, maintain and evolve internal AI policies, procedures, standards and control frameworks
  • Contribute to the strategic direction of Sabio's AI governance programme — including roadmap to ISO 42001 certification and ongoing alignment with EU AI Act, ISO 27001 and SOC 2 Type II
  • Translate regulatory change (EU AI Act guidance, national implementations, sector-specific rules) into practical, actionable internal guidance
  • Audit & Assurance: Audit Sabio's AI deployment and support methodologies against internal standards and external frameworks
  • Support external audits from customers, certification bodies and regulators — preparing evidence, running walkthroughs and remediating findings
  • Build and report on AI governance KPIs that give leadership and customers a clear, honest view of compliance posture
  • Responsible AI in Practice: Operationalise responsible AI principles — fairness, transparency, accountability, robustness, human oversight — across solution lifecycles
What we offer
What we offer
  • Pension Scheme
  • Remote/Flexible work
  • Life insurance
  • Private health and dental care
  • Cycle to work
  • 28 days paid holiday a year- (this includes three Sabio days)
  • LinkedIn Learning
  • Fulltime
Read More
Arrow Right

Senior Cyber Risk & Compliance Consultant

Location
Location
United Kingdom , Glasgow or Reading
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading GRC and security assurance initiatives
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards, with demonstrable experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experienced in applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Confident communicator, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high-quality outcomes
  • Hold a recognised ISO/IEC 27001 Lead Implementer or Lead Auditor certification, alongside other relevant academic or professional qualifications (e.g. MSc in Cyber Security or related specialism, CISM, CISSP, PCIRM)
  • Hold, or be working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
Job Responsibility
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, with primary focus on achieving certification or standards alignment to ISO27001, including gap assessments, strategy and planning, implementation support, audit preparation and pre and post certification support
  • Engage with clients to understand their wider threat landscape and business context, conducting risk and compliance assessments against other recognised frameworks and standards (e.g. NIST, SOC 2, DefStan)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • Collaborative and supportive environment
  • Tools and opportunity to do work you can be proud of
  • Chance to work alongside some of the best people in the industry
  • Hybrid working
  • Industry leading coaching and mentoring
  • Fulltime
Read More
Arrow Right

Senior Cyber Resilience Consultant

Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in designing, leading and delivering cyber governance, risk and assurance outcomes, with a proven track record of successfully leading cyber incident response and resilience outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including MITRE ATT&CK, ISO/IEC 27001, NIS, NIST, and UK Government Functional Standards, with demonstrable experience applying these to relevant cyber roles and engagements
  • Confident communicator, able to clearly articulate cyber risk and the value of security investment to senior leaders, while mentoring and guiding teams to deliver high-quality outcomes
  • Hold relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, a relevant cyber resilience, cyber incident response, or similar qualification or accreditation
  • Eligible to work in the UK and able to obtain and maintain UK security clearance
Job Responsibility
Job Responsibility
  • Lead delivery of proactive incident response preparedness activities including Incident Response Planning, maturity assessments and exercises including Tabletop (TTX), Live Play and other bespoke activities
  • Lead cyber governance, risk and assurance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes for our clients
  • Review and assess client documentation, processes and governance in relation to Cyber Incident Response, preparedness and alignment with Business Continuity and Emergency Response capabilities
  • Design, plan and deliver a variety of exercises to meet the needs of organisations across diverse industries and sectors
  • Engage and communicate with stakeholders from board and executive through to operational and other responders to understand their threat landscape and business context, and roles and responsibilities
  • Deliver quality reports, with actionable information tailored to the specific needs of clients and capturing the key learnings from assessments and exercises
  • Contribute to continuous improvement of service offerings, delivery methodologies and internal team knowledge by sharing insights and learning gained from client engagements
  • Support the wider delivery of cyber governance risk and assurance activities and delivery working with other service and client leads and functions
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime
Read More
Arrow Right