Information Security Auditor

We are seeking a detail-oriented and experienced Technical Security Auditor to lead comprehensive security assessments of customer network environments. This role is responsible for conducting internal and onsite audits, evaluating security controls, and ensuring compliance with corporate and federal security requirements.

The ideal candidate is technically strong, highly analytical, and comfortable interfacing directly with customers in professional settings.

• Plan and lead internal and onsite technical security audits of customer network environments
• Review and assess network topology, firewall configurations, anti-malware controls, system management procedures, and overall security architecture
• Evaluate customer security policies and procedures to ensure alignment with corporate and federal security control requirements
• Guide customers through the Technical Security Assessment process from initiation to completion
• Analyze customer-provided documentation including network diagrams, data-flow diagrams, and audit questionnaires
• Execute and thoroughly document audit activities across diverse computing and application environments
• Interpret collected artifacts and identify security gaps, deficiencies, and areas of risk
• Provide clear, actionable recommendations to help customers achieve compliance
• Review findings with internal security teams and track remediation efforts through resolution
• Prepare detailed post-audit reports for management and formal compliance documentation for customers
• Support ongoing security awareness initiatives and compliance verification activities for internal and external stakeholders

• Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or related field — or equivalent professional experience (minimum 4 years)
• Minimum 3 years of hands-on experience with one or more operating systems:
  Windows Server, Linux, or UNIX
• Minimum 3 years of practical experience in TCP/IP networking
• Strong understanding of information system architecture and security controls, including:
• Firewall and border router configurations
• Wireless architectures
• Database security
• Security policies and access controls
• Professional security certification required (e.g., CCNA Security or equivalent security certification)
• Experience conducting attack and penetration testing of internet infrastructure and web-based applications using manual and automated tools
• Familiarity with one or more database platforms:
  Microsoft SQL Server, Oracle, Sybase, DB2, or MySQL
• Working knowledge of programming languages such as Java, C, C++, C#, or .NET

• Strong knowledge of industry security standards and best practices
• Experience across system development lifecycle, backup and recovery, environmental controls, and operational security
• Excellent written and verbal communication skills
• Confident, articulate, and professional presentation abilities
• Ability to work independently while collaborating across cross-functional teams