Security Auditor

Looking to hire your next Security Auditor? Here’s a full job description template to use as a guide.

About Vintti

Vintti is a staffing agency dedicated to boosting the economic efficiency of US companies. We provide access to a diverse range of skilled Latin American professionals, allowing businesses to build robust teams without the traditional high costs associated with domestic hiring. Our model supports companies in maximizing their resources, driving innovation, and achieving sustainable growth.

Description

A Security Auditor plays a crucial role in safeguarding an organization’s digital assets by evaluating and analyzing security systems, protocols, and infrastructure. This professional identifies vulnerabilities, assesses risks, and ensures compliance with industry standards and regulations. Through comprehensive audits and tests, Security Auditors recommend improvements and implement robust security measures to protect sensitive information from unauthorized access, breaches, and other cyber threats. Their work is fundamental in fostering a secure environment and maintaining the integrity and confidentiality of an organization's data.

Requirements

- Bachelor's degree in Computer Science, Information Security, or a related field
- Minimum of 3-5 years of experience in security auditing, information security, or a related field
- Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS
- Proficiency in security tools and technologies for vulnerability assessment and penetration testing
- Certified Information Systems Auditor (CISA) or similar certification preferred
- Experience with risk assessment methodologies and tools
- Knowledge of regulatory requirements such as GDPR, HIPAA, and SOX
- Excellent analytical and problem-solving skills
- Strong communication skills, both written and verbal
- Ability to work independently and as part of a team
- Attention to detail and strong organizational skills
- Experience with incident response and handling security breaches
- Familiarity with cloud security practices and assessments
- Ability to develop and deliver security awareness training
- Proficient in documenting technical findings and creating detailed reports
- Demonstrated ability to work in a fast-paced environment and manage multiple tasks simultaneously
- Experience evaluating third-party vendor security practices and agreements
- Strong understanding of network and application security principles

Responsibilities

- Conduct regular security audits and assessments of company systems, applications, and processes
- Review and analyze security logs, reports, and alerts to identify potential threats or vulnerabilities
- Evaluate and test security controls to ensure compliance with established standards and best practices
- Develop and implement security audit plans and procedures
- Collaborate with IT and security teams to develop and recommend corrective action plans for identified security weaknesses
- Perform risk assessments and impact analyses to determine the potential effects of vulnerabilities on the organization
- Document audit findings, prepare detailed reports, and present audit results to management
- Monitor and track the implementation of remediation actions to ensure timely resolution of identified issues
- Stay current with the latest security trends, threats, and technology developments
- Conduct follow-up audits to verify that corrective actions have been implemented and are effective
- Assist in the development and enforcement of security policies, standards, and procedures
- Participate in incident response activities and provide recommendations for containment and mitigation
- Provide training and guidance to employees on security best practices and awareness
- Review and evaluate third-party vendor security practices and agreements
- Collaborate with compliance and legal teams to ensure alignment with regulatory requirements
- Maintain and update security documentation, including audit records, risk assessments, and control matrices
- Coordinate and support external audits and assessments conducted by third-party auditors

Ideal Candidate

The ideal candidate for the Security Auditor role holds a Bachelor's degree in Computer Science, Information Security, or a related field, complemented by a minimum of 3-5 years of relevant experience in security auditing or information security. They possess a deep understanding of security frameworks and standards such as ISO 27001, NIST, and CIS, with a preferred certification like CISA reflecting their advanced knowledge. This individual demonstrates proficiency in security tools and technologies for vulnerability assessment and penetration testing, and has a proven track record in risk assessment methodologies. They are well-versed in regulatory requirements including GDPR, HIPAA, and SOX, and exhibit excellent analytical and problem-solving skills paired with strong written and verbal communication abilities. Attention to detail and strong organizational skills underpin their capability to manage multiple tasks in a fast-paced environment. Their proactive, self-motivated nature is matched with a high level of integrity and ethical standards, allowing them to handle sensitive information with discretion. As a team player with robust interpersonal skills, they collaborate efficiently with IT, security, compliance, and legal teams. Furthermore, the ideal candidate continually stays abreast of the latest security trends and practices, displaying adaptability and a commitment to continuous learning, which ensures they provide effective security awareness training and enhancements.

On a typical day, you will...

- Conduct regular security audits and assessments of company systems, applications, and processes
- Review and analyze security logs, reports, and alerts to identify potential threats or vulnerabilities
- Evaluate and test security controls to ensure compliance with established standards and best practices
- Develop and implement security audit plans and procedures
- Collaborate with IT and security teams to develop and recommend corrective action plans for identified security weaknesses
- Perform risk assessments and impact analyses to determine the potential effects of vulnerabilities on the organization
- Document audit findings, prepare detailed reports, and present audit results to management
- Monitor and track the implementation of remediation actions to ensure timely resolution of identified issues
- Stay current with the latest security trends, threats, and technology developments
- Conduct follow-up audits to verify that corrective actions have been implemented and are effective
- Assist in the development and enforcement of security policies, standards, and procedures
- Participate in incident response activities and provide recommendations for containment and mitigation
- Provide training and guidance to employees on security best practices and awareness
- Review and evaluate third-party vendor security practices and agreements
- Collaborate with compliance and legal teams to ensure alignment with regulatory requirements
- Maintain and update security documentation, including audit records, risk assessments, and control matrices
- Coordinate and support external audits and assessments conducted by third-party auditors

What we are looking for

- Strong analytical and critical thinking skills
- Excellent attention to detail
- High level of integrity and ethical standards
- Strong communication skills, both written and verbal
- Proactive and self-motivated attitude
- Ability to work well both independently and within a team
- Strong organizational and time management skills
- Adaptability and willingness to stay updated with the latest security trends and technologies
- Ability to handle sensitive information with discretion
- Strong problem-solving capabilities
- Technical proficiency and a keen interest in cybersecurity
- Ability to operate effectively in a high-pressure, fast-paced environment
- Skilled in developing and maintaining positive working relationships
- Strong commitment to continuous learning and professional development
- Resilience and perseverance in the face of challenges

What you can expect (benefits)

- Competitive salary range: [Insert specific salary range]
- Health, dental, and vision insurance
- Retirement savings plan with company match
- Paid time off, including vacation, sick leave, and holidays
- Flexible work schedule
- Remote work opportunities
- Professional development and training programs
- Tuition reimbursement
- Certification fee reimbursement
- Life and disability insurance
- Employee wellness programs
- Health and wellness stipends
- Employee assistance program (EAP)
- Collaborative and inclusive work environment
- Opportunities for career advancement and growth
- Company-sponsored events and activities
- Modern office facilities with ergonomic workstations
- Commuter benefits and transportation assistance
- Tech stipend for home office setup
