IT Auditor
About The Position
The Office of the Attorney General of Texas (OAG) is seeking an experienced IT Auditor</b> to provide independent assurance over the organization’s information technology and cybersecurity control environment. This role supports enterprise risk management, regulatory compliance, and the effectiveness of cybersecurity governance across systems and infrastructure. The IT Auditor will plan and execute IT and cybersecurity audits, evaluate control effectiveness, and assess compliance with applicable frameworks, regulations, and internal policies. The position collaborates closely with governance, risk, compliance (GRC), and business stakeholders. This is a contract role operating in a hybrid on -site and telework environment.
Requirements
- 8 years of experience planning, conducting, and documenting IT and cybersecurity audits.
- 8 years of experience evaluating security controls across systems, networks, applications, cloud environments, and data platforms.
- 8 years of experience assessing cybersecurity risks using recognized frameworks and standards.
- 8 years of experience performing compliance testing against laws, regulations, and internal policies.
- 8 years of experience reviewing IAM, vulnerability management, incident response, disaster recovery, and business continuity processes.
- 8 years of experience identifying control deficiencies and developing audit findings and recommendations.
- 8 years of experience preparing and delivering formal audit reports.
- 8 years of experience tracking and validating remediation plans.
- Ability to resolve complex security issues and communicate effectively in decentralized environments.
- Experience conducting forensic investigations related to cyberattacks.
Nice To Haves
- CISSP certification
- PMP certification
Responsibilities
- Plan, execute, and report on IT and cybersecurity audits in accordance with approved methodologies and professional standards.
- Evaluate the design and operating effectiveness of information security and cybersecurity controls.
- Conduct cybersecurity risk assessments aligned with recognized frameworks and standards.
- Assess compliance with applicable laws, regulations, contractual obligations, and internal policies.
- Review identity and access management, vulnerability management, incident response, disaster recovery, and business continuity processes.
- Identify control deficiencies, root causes, and associated risk impacts.
- Develop clear, actionable audit findings and recommendations.
- Prepare formal audit reports and present results to management and senior leadership as required.
- Track, monitor, and validate remediation efforts to ensure timely resolution of audit findings.
- Support third -party and vendor risk assessments, including review of SOC reports.
Benefits
- Health Care: Air InfoSec offers an Individual Coverage Health Reimbursement Arrangement (ICHRA), providing up to $350/month in tax -free reimbursements to help cover the cost of your own health insurance premium. This gives you the flexibility to choose the plan that works best for you and your family.
- Paid Time Off (PTO): 1 hour of PTO earned for every 20 hours worked. Can carryover up to 5 days of PTO to the next calendar year.
- Holidays: 5 paid state holidays (annually) 2 paid floating holidays (annually)
- Continuing Education: $100 per year to apply towards annual certification fees or educational training.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Career Level
Mid Level
Education Level
No Education Listed
