1

Cyber Security Auditor Jobs (NOW HIRING)

We are seeking an Cybersecurity Risk Auditor to join our Internal Audit team. This role is ideal for a technology auditor who is naturally curious , enjoys understanding how complex systems work, and ...

IT Auditor

Madison, SD · On-site +1

Your Mission As an IT Auditor with SBS CyberSecurity, you will evaluate organizations, primarily in the financial services industry, including community banks and credit unions. These evaluations ...

As a Cybersecurity Analyst, you will be part of our Cybersecurity Department that covers ... Required Qualifications * 1-3+ years of auditing or risk management experience in a highly ...

The IT Auditor will participate in a variety of audit and assessment activities including cybersecurity reviews, IT risk assessments, HIPAA compliance evaluations, SOX compliance support, vendor risk ...

Senior Internal Auditor

Mentor, OH · On-site +1

$75K - $93K/yr

Position Summary As a Senior IT Internal Auditor you are responsible for owning and executing risk-based IT and cybersecurity audits in accordance with Internal Audit methodology, including planning ...

... Auditing, Collaboration with IT & Security Teams Why Join AaraTech Inc? * Strong technical learning path in cyber security * Exposure to enterprise retail and e-commerce security environments

next page

Showing results 1-20

Cyber Security Auditor information

See salary details

$57K

$133K

$186K

How much do cyber security auditor jobs pay per year?

As of Jul 13, 2026, the average yearly pay for cyber security auditor in the United States is $132,962.00, according to ZipRecruiter salary data. Most workers in this role earn between $111,000.00 and $150,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Cyber Security Auditor position, and why are they important?

To thrive as a Cyber Security Auditor, you need a comprehensive understanding of information security principles, risk assessment methodologies, and auditing standards, usually backed by a degree in cybersecurity, information technology, or a related field. Familiarity with technical tools such as vulnerability scanners, SIEM solutions, and frameworks like NIST or ISO 27001, along with certifications like CISA or CISSP, is highly valued. Strong analytical thinking, attention to detail, and effective communication are key soft skills essential for collaborating with diverse teams and presenting findings clearly. These skills and qualifications enable Cyber Security Auditors to effectively identify vulnerabilities, ensure compliance, and help organizations safeguard critical assets.

What do cybersecurity auditors do?

Cybersecurity auditors evaluate an organization’s information systems, security policies, and controls to identify vulnerabilities and ensure compliance with industry standards. They review security protocols, perform risk assessments, and may use tools like vulnerability scanners to detect weaknesses, often preparing reports and recommendations for improving security posture.

Can you make $200,000 in cyber security?

Cyber Security Auditors with extensive experience, advanced certifications, and specialized skills can potentially earn $200,000 or more annually, especially in high-demand industries or senior roles. Salary levels depend on factors such as location, company size, and individual expertise, with senior positions often offering higher compensation. Continuous learning and certifications like CISSP or CISA can help increase earning potential.

What are the typical daily responsibilities of a Cyber Security Auditor?

Cyber Security Auditors spend their days conducting thorough assessments of organizational security policies, examining system configurations, and testing controls to ensure compliance with industry standards and best practices. They often analyze logs, review incident reports, and perform vulnerability scans, followed by interviewing staff to understand security protocols. Auditors also document their findings, prepare detailed reports, and communicate recommendations to IT management and stakeholders. The role requires a balance of technical assessments and clear, concise communication with both technical and non-technical teams.

How to become a cyber security auditor?

To become a cyber security auditor, individuals typically need a bachelor's degree in computer science, information technology, or a related field. Gaining experience in cybersecurity, understanding auditing standards, and obtaining certifications such as Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) can enhance qualifications and job prospects.

What is a Cyber Security Auditor job?

A Cyber Security Auditor is responsible for assessing an organization’s security policies, controls, and practices to ensure they comply with industry regulations and standards. They identify vulnerabilities, evaluate risk management strategies, and recommend improvements to protect sensitive data and systems. Auditors conduct assessments, review compliance frameworks, and generate reports detailing security gaps and remediation steps. Their role is crucial in safeguarding an organization against cyber threats while ensuring regulatory and legal adherence.

Is Cisa an entry level job?

The Certified Information Systems Auditor (CISA) certification is not an entry-level qualification; it is designed for experienced IT and cybersecurity professionals involved in auditing, control, and security of information systems. While some entry-level roles may require or prefer CISA certification, most positions typically require several years of relevant work experience before pursuing it.
More about Cyber Security Auditor jobs
What cities are hiring for Cyber Security Auditor jobs? Cities with the most Cyber Security Auditor job openings:
What states have the most Cyber Security Auditor jobs? States with the most job openings for Cyber Security Auditor jobs include:
Infographic showing various Cyber Security Auditor job openings in the United States as of July 2026, with employment types broken down into 83% Full Time, 14% Part Time, 2% Contract, and 1% Nights. Highlights an 86% Physical, 4% Hybrid, and 10% Remote job distribution, with an average salary of $132,962 per year, or $63.9 per hour.
IT Auditor 2 - Part Time

IT Auditor 2 - Part Time

PROLIM Global Corporation

Austin, TX • On-site

Part-time

Posted yesterday

New


Job description

IT Auditor 2 - Part Time
Location will be at - 205 W 14th Street, Austin, TX 78701 - May require travel to other locations in TX - Hybrid - On Site and Telework
Duration: 10/15/2025 - 03/31/2026
. DESCRIPTION OF SERVICES
  • Review vendor contracts, SLAs, and other IT and cybersecurity contractual requirements to confirm compliance with contractual obligations.
  • Evaluate the design and implementation of vendor cybersecurity controls against contractual and industry standards.
  • Collect and analyze evidence such as security policies, system configurations, logs, and access records.
  • Conduct interviews with vendor personnel to assess security practices and governance.
  • Perform control testing and sampling to verify the effectiveness of technical and administrative safeguards.
  • Identify gaps, deficiencies, or non-compliance in vendor controls and assess associated risks.
  • Prepare audit reports summarizing findings, risks, and recommended corrective actions.
  • Track remediation efforts and validate closure of audit findings.
  • Coordinate with internal stakeholders to ensure vendor risks are communicated and addressed.
    REQUIRED SKILLS AND QUALIFICATIONS:
    Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
    Minimum Requirements:
    Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
    Years
    Required/Preferred
    Experience
    5
    Required
    Cybersecurity frameworks and compliance: Proven experience auditing controls against NIST, ISO 27001, PCI-DSS, or SOC 2 standards, with working knowledge of current data protection laws, regulatory compliance, and third-party risk management practices.
    5
    Required
    Technical IT auditing: Strong ability to evaluate security controls such as network protection, identity access management, endpoint security, and incident response across modern IT environments.
    5
    Required
    Communication and reporting: Experienced in drafting audit reports, presenting findings to executive and legal stakeholders, and engaging vendors constructively.
    5
    Required
    Analytical and investigative thinking: Demonstrated ability to identify security gaps, assess risk impact, and make sound, evidence-based recommendations.
    4
    Required
    Third-party/vendor risk auditing: Hands-on experience conducting cybersecurity audits of external vendors, including due diligence, contract compliance, and risk assessments.
    3
    Required
    Policy and documentation review: Skilled at reviewing and validating security documentation, procedures, and control implementation for accuracy and completeness.
    3
    Preferred
    Cloud cybersecurity auditing: Experience auditing vendor environments hosted in AWS, Azure, or Google Cloud, including cloud-native controls and shared responsibility models.
    3
    Preferred
    Incident response and breach assessment: Familiarity with analyzing vendor incident response plans, reviewing past breaches, and evaluating remediation practices.
    3
    Preferred
    Contract interpretation and SLA compliance: Ability to interpret legal and technical language in vendor contracts to ensure proper implementation of SLAs, IT, and cybersecurity obligations.
    2
    Preferred
    Government or regulated industry experience: Background in auditing technology vendors serving courts.
    2
    Preferred
    Presentation to executives: Experience summarizing technical findings for non-technical audiences, including C-suite executives or legal counsel.
    1
    Preferred
    Certifications: At least one relevant certification (CISA, CISSP, CRISC, or ISO 27001 Lead Auditor).