Security Auditor Jobs (NOW HIRING)

The IT Security Auditor will evaluate the organization's next generation information technology infrastructure, policies, and operations to ensure they are secure, efficient, and compliant with ...

Job Summary Battelle's Internal Audit team is currently seeking an Information Security Auditor who will play a vital role in assessing cyber risk, strengthening controls, and protecting critical ...

Summary: Join a premier blockchain security firm trusted by top-tier DeFi protocols as a Blockchain Security Auditor. This role involves conducting manual code reviews to identify critical ...

Assess current security controls and processes against new CMS, IRS, and SCC security standards. Identify gaps and recommend remediation steps to achieve and maintain compliance. Plan, lead, and ...

Advanced knowledge of security standards and experience performing security audits. Experience in Governance Risk and Compliance. Years of Experience: 10 or more years with IT security and audit ...

DESCRIPTION OF SERVICES Responsibilities may include, but are not limited to: 1. Plan, execute, and report on IT and cybersecurity audits to assess the effectiveness of security controls, risk ...

Security Auditor information

How much do security auditor jobs pay per year?

As of Jun 21, 2026, the average yearly pay for a security auditor in the United States is $89,997.00, according to ZipRecruiter salary data. Most workers in this role earn between $48,000.00 and $130,000.00 per year, depending on experience, location, and employer.

How to become a security auditor?

To become a security auditor, individuals typically need a bachelor's degree in cybersecurity, information technology, or a related field, along with experience in IT security. Earning certifications such as Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) can enhance job prospects. Strong analytical skills, knowledge of security frameworks, and familiarity with auditing tools are also important for success in this role.

Can you make $500,000 a year in cyber security?

Security auditors and senior cybersecurity professionals with extensive experience, advanced certifications, and specialized skills can potentially earn $500,000 or more annually, especially in high-demand industries or senior leadership roles. Achieving this level often requires years of experience, a strong track record, and expertise in areas like risk management, compliance, or security architecture.

What are the key skills and qualifications needed to thrive as a Security Auditor, and why are they important?

To thrive as a Security Auditor, you need a thorough understanding of information security principles, risk assessment methodologies, and compliance frameworks, often supported by a degree in cybersecurity or related fields. Familiarity with audit tools, vulnerability scanners, and certifications such as CISA or CISSP is typically expected. Analytical thinking, attention to detail, and effective communication are crucial soft skills for identifying security gaps and conveying findings. These skills ensure that organizations maintain robust security postures and meet regulatory requirements.

What are some common challenges Security Auditors face when evaluating an organization's security controls?

Security Auditors often encounter challenges such as incomplete documentation, resistance to change from staff, and rapidly evolving technology environments. They must navigate complex IT infrastructures and ensure compliance with multiple regulatory frameworks, which can require juggling competing priorities and tight deadlines. Effective auditors use strong communication and analytical skills to identify vulnerabilities, explain risks, and collaborate with both technical teams and management to drive continual improvement.

What are Security Auditors?

Security Auditors are professionals who assess and evaluate an organization's information systems and security policies to ensure compliance with regulations and best practices. They identify vulnerabilities, review controls, and recommend improvements to prevent security breaches or data loss. Security Auditors often conduct regular audits, prepare detailed reports, and collaborate with IT and management teams to strengthen the organization's security posture.

How much do security auditors make?

Security auditors typically earn a median annual salary of around $70,000 to $100,000, depending on experience, certifications, and location. Senior or specialized auditors with certifications like CISSP or CISA can earn higher salaries, often exceeding $120,000 annually.

What Is a Security Auditor?

A security auditor is an IT professional in charge of evaluating cybersecurity for a company. As a security auditor, you regularly test information systems, looking for exploits or loopholes that would give an unscrupulous individual access to protected company information. Your job duties also include developing security protocols and working with other teams within the company to ensure everyone is kept up to date with the best practices and other protocols. You must also keep track of relevant laws and regulations, as well as new security threats, to maintain proper cybersecurity for your employer.

What is the difference between Security Auditor vs Security Analyst?

| Aspect | Security Auditor | Security Analyst |
| --- | --- | --- |
| Certifications | ISO 27001 Lead Auditor, CISSP, CISA | CISSP, CompTIA Security+, GIAC Security Essentials |
| Work Environment | Audit firms, consulting companies, corporate compliance teams | IT departments, security operations centers, corporate environments |
| Primary Focus | Assessing security policies, compliance, and controls | Monitoring security threats, incident response, and vulnerability management |

While both roles focus on cybersecurity, Security Auditors primarily evaluate security policies and compliance through audits, whereas Security Analysts monitor and respond to security threats in real-time. Understanding these differences helps organizations assign the right professionals to their security needs.

What does a security auditor do?

A security auditor evaluates an organization's information systems, networks, and security policies to identify vulnerabilities and ensure compliance with security standards. They perform assessments using tools like vulnerability scanners and may prepare reports to recommend improvements, often holding certifications such as CISSP or CISA. Their work helps protect data and maintain the integrity of IT infrastructure.
Infographic showing various Security Auditor job openings in the United States as of June 2026, with employment types broken down into 11% Full Time, and 89% Part Time. Highlights an 87% Physical, 6% Hybrid, and 7% Remote job distribution, with an average salary of $89,997 per year, or $43.3 per hour.
Information Security Auditor

SecurityPal, Inc.

San Francisco, CA • Remote

Full-time

Posted 22 days ago


Job description

Salary: $166,000-$170,000 per year, depending upon experience

SecurityPal, Inc.

San Francisco, CA


TITLE: Information Security Auditor


DUTIES:

- Lead a team that provides comprehensive vendor assessments to evaluate security risks and compliance with standards and regulations;
- Serve as the main point of contact for clients, ensuring clear communication, understanding of requirements, and satisfaction with services provided;
- Develop and implement assessment methodologies tailored to client needs and industry best practices;
- Collaborate with clients to identify their security needs and customize assessment approaches accordingly;
- Analyze assessment findings and provide strategic security recommendations to clients to mitigate risks effectively;
- Generate detailed assessment reports outlining findings, risk levels, and recommendations for remediation. Present findings to clients in a clear, concise, and actionable manner;
- Foster strong client relationships by proactively addressing concerns, anticipating needs, and providing exceptional service. Act as a trusted advisor on security matters;
- Collaborate with clients during security incidents to provide technical guidance and support incident response efforts;
- Perform comprehensive risk assessments beyond vendor assessments, such as enterprise-wide risk assessments, to identify and prioritize risks across different business units or systems;
- Collaborate with other teams within the organization (e.g., IT, legal, compliance) on security-related initiatives such as policy development, security awareness programs, or incident response exercises; and
- Conduct readiness assessments for ISO, SOC 2, FedRAMP Compliance, evaluating current processes, controls, and documentation to identify gaps and areas needing improvement to achieve compliance and certification.

**Telecommuting Allowed for this position**

Minimum Requirements: Master's degree in Cyber Security and Information Assurance or a substantially related field; thirty (30) months of work experience in a Cyber Security role; experience conducting Information Security (IS) audits compliant with ISO 27001:2013 and SOC 2 Type 2 standards. Telecommuting allowed for this position.

SALARY: $166,000-$170,000 per year, depending upon experience

HOURS: 9:00 A.M. - 6:00 P.M.