Job Overview

Xtreme Solutions Inc. (XSI) is a rapidly expanding cybersecurity firm that provides innovative solutions to protect organizations from evolving cyber threats. We are seeking a highly skilled and certified Cybersecurity Auditor to perform compliance and risk management. The ideal candidate will be responsible for assessing, evaluating, and auditing customer cybersecurity measures to ensure compliance with regulatory standards, best practices, and internal policies. This role requires a meticulous and analytical professional capable of identifying vulnerabilities, recommending improvements, and helping maintain a robust cybersecurity posture.

Key Responsibilities

Audit Planning & Execution

Develop and execute cybersecurity audit plans and strategies based on industry standards and organizational needs.
Conduct comprehensive assessments of security controls, policies, and procedures.
Evaluate IT systems, applications, and networks for adherence to security standards.

Risk Assessment & Analysis

Identify, analyze, and document potential cybersecurity risks and vulnerabilities.
Assess the effectiveness of risk management and mitigation strategies.
Collaborate with stakeholders to prioritize and address identified risks.

Compliance Evaluation

Ensure adherence to applicable frameworks and regulations, such as NIST, ISO 27001, GDPR, CCPA, HIPAA, CMMC, etc.
Review and validate compliance with organizational policies and contractual requirements.
Prepare reports detailing compliance gaps and actionable recommendations.

Reporting & Documentation

Generate clear and concise audit reports for technical and executive audiences.
Maintain detailed records of audit findings, methodologies, and outcomes.
Provide regular updates and recommendations to leadership on security improvements.

Continuous Improvement

Recommend and implement enhancements to auditing tools and techniques.
Stay current on emerging cybersecurity threats, regulations, and best practices.
Support training and awareness initiatives to improve organizational security practices.

Qualifications

Education and Certifications

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent work experience considered.
Relevant certifications such as:

Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
ISO 27001 Lead Auditor
Certified Cybersecurity Auditor (CCA)

Experience

Minimum of 3-5 years of experience in cybersecurity auditing, IT compliance, or related fields.
Proven experience conducting audits aligned with industry frameworks and regulations.

Preferred:

Hands-on experience with cloud environments (e.g., AWS, Azure, Google Cloud).
Expertise in specific regulatory environments such as PCI-DSS, SOX, or FISMA.
Proficiency in risk assessment and governance frameworks (e.g., COBIT, ITIL).
Knowledge of scripting or programming for automation (e.g., Python, PowerShell).

Skills:

In-depth knowledge of cybersecurity standards, frameworks, and regulations.
Familiarity with auditing tools and technologies (e.g., Nessus, Qualys, Splunk, or other GRC platforms).
Strong analytical and problem-solving skills.
Excellent written and verbal communication skills for technical and non-technical audiences.
Ability to work independently and manage multiple audit engagements simultaneously.

Work Environment

Willingness to travel occasionally for onsite audits or client engagements.
Availability to work outside of regular business hours when needed for audits or investigations.

Benefits and Compensation

Competitive base salary with performance-based bonuses.
Comprehensive health, dental, and vision insurance, with employer contributions.
Generous 401(k) plan with company match.
Flexible paid time off (PTO).
Tuition reimbursement program to support your continuous learning and development.
Opportunities for professional growth, with a potential pathway to leadership roles.