Cybersecurity Auditor
Job Summary
Job Description
The Cybersecurity Auditor will work with Security and Safety teams to understand information security risks, design and execute audit programs, analyze results, and provide data-driven recommendations. Responsibilities include testing security controls, preparing detailed audit reports, managing stakeholder relationships, and influencing audit risk prioritization. The ideal candidate possesses strong experience in internal audit, risk, or compliance, with a focus on cybersecurity, and ideally holds relevant certifications like CISSP or CISA. The role requires experience in designing and implementing internal controls, reviewing business processes, and working with various security frameworks (NIST, FedRAMP, ISO 27000, etc.).
Must have:
- Bachelor's degree or equivalent experience
- 4+ years in Internal Audit/Risk/Compliance (Cybersecurity focus)
- Experience designing/testing internal controls
- Audit program development & reporting
- Risk mitigation recommendations
Good to have:
- CISSP, CCSP, PMP, CRISC, CISA
- Relational database experience (SQL)
- Object-oriented programming experience (Python, Java, C++)
- Experience with NIST, FedRAMP, ISO 27000, PCI-DSS, SOC 2
- Risk assessment and control implementation
Perks:
- Bonus
- Equity
- Benefits
6 skills required
Job Details
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 4 years of experience in Internal Audit, Risk, or Compliance roles with a focus on Cybersecurity.
- Experience designing, implementing, or testing internal controls and reviewing business processes in conjunction with underlying systems.
- Experience developing audit programs, reporting on audit findings, or making recommendations for risk mitigation.
Preferred qualifications:
- CISSP, CCSP, PMP, CRISC, CISA, or related certifications.
- Experience with relational databases (e.g., SQL).
- Experience with structures/principles of object-oriented programming, using Python, Java, C++ or comparable language to evaluate for risk and design.
- Experience testing controls to determine compliance with NIST, FedRAMP, ISO 27000 series, PCI-DSS, SOC 2, CCM or other frameworks.
- Experience performing risk assessments, designing, or implementing internal controls, and auditing platforms, hardware, and devices, content moderation, online advertising, cloud technologies, content licensing, e-commerce, privacy, security, AI, or regulatory compliance.
- Ability to navigate ambiguity, and manage/coordinate multiple projects simultaneously in a fast-paced, deadline-driven environment.
About the job
The Internal Audit team's mission is to focus on reducing risk across Alphabet by monitoring the risk environment and providing insights to enable risk management. The team works with leadership/teams to achieve a control environment that enhances and protects organizational value. As a member of the team, you’ll advise the business and engineering groups to identify areas of risk and make valuable recommendations on controls. You’ll have the opportunity to influence change and decisions for business initiatives including product launches and system implementations.
The US base salary range for this full-time position is $122,000-$174,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about .
Responsibilities
- Work and build relationships with Security and Safety teams to understand the information security risk profile of a function, service, or product area for audit planning and execution.
- Design and execute audit programs and procedures to test and provide analysis on the design and operating effectiveness of key security controls that mitigate risks.
- Analyze audit results, draw conclusions, and provide practical, risk-based, data-driven recommendations for improvement.
- Prepare detailed audit reports summarizing scope, procedures, findings, and recommendations.
- Manage relationships with stakeholders and leverage to gain meaningful risk insights to influence the Audit Risk Universe and engagement and service offering prioritization.
Similar Jobs
Bengaluru, Karnataka, India (On-Site)
• 1 Month ago
Kirkland, Washington, United States (On-Site)
• 1 Month ago
ByteDance
San Jose, California, United States (On-Site)
• 1 Month ago
Hyderabad, Telangana, India (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Match Group
Palo Alto, California, United States (Hybrid)
• 7 Months ago
PwC
Kolkata, West Bengal, India (On-Site)
• 8 Months ago
San Bruno, California, United States (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Jobs in Chicago, Illinois, United States
Next Level Business Services
Charlotte, North Carolina, United States (On-Site)
• 7 Months ago
Scanline VFX
Los Angeles, California, United States (Hybrid)
• 7 Months ago
Omitron
Colorado Springs, Colorado, United States (On-Site)
• 3 Weeks ago
CD PROJEKT RED
Boston, Massachusetts, United States (Remote)
• 1 Week ago
Zoox
Foster City, California, United States (Hybrid)
• 7 Months ago
quience
Palo Alto, California, United States (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
London, England, United Kingdom (On-Site)
• 1 Month ago
PwC
Amsterdam, North Holland, Netherlands (On-Site)
• 4 Months ago
Kuwait City, Al Asimah Governate, Kuwait (On-Site)
• 1 Month ago
ByteDance
Singapore (Hybrid)
• 2 Months ago
Get notifed when new similar jobs are uploaded
