5,036 Cybersecurity Auditor jobs in the United States

Description Sempra: Where opportunity powers impact At Sempra, we tackle the biggest energy challenges that face ourindustry. Our high-performing team leverages the full capabilities ofour organization to serve 40 million consumers across NorthAmerica. By collaborating and challenging one another acrossmultiple disciplines, we inspire our best work, ideas andinnovation. From increasing liquified natural gas (LNG) capacitiesto reducing carbon emissions to helping people prepare for therealities of climate change, we are committed to building a betterenergy future for all. Primary Purpose Plan and oversee all phases of cybersecurity audit engagements. Perform internal audit controls testing and documentation, working paper review and sign-off, report writing, and follow-up of previously reported management corrective actions. Provide cybersecurity audit advisory and consultancy to internal technology and non-technology business partners. Focus on cybersecurity audit engagements but may include an occasional non-cybersecurity audit. Involvement in developing the annual audit plan and participation in ad-hoc projects. Lead teams of generally one to four people on audit engagements – potentially including contract and co-source staff. The role is purely an internal audit function (e.g., not cybersecurity engineering, security operations, or network infrastructure implementation). Audit Services operates in conformance with the Institute of Internal Auditors' Global Audit Standards for the Professional Practice of Internal Auditing. Duties and Responsibilities Performs audit controls testing, advisory, and consultancy work, documentation and report writing. Oversees audit, advisory and consultancy engagements. Ensures previously reported management corrective actions are fulfilled. Performs other duties as assigned (no more than 5% of duties). Qualifications Education 10+ years of experience inCybersecurity internal audit or a mix of IT, Cybersecurity, Information Security, and cybersecurity audit experience is required. Skills and Abilities The following skills and abilities are required: Cybersecurity auditing skills. Cybersecurity, information technology. Project management and supervisory skills. Must reside in Southern California or be willing to relocate upon hire. We offer a hybrid work environment. Although the schedule may vary, typically this will allow you to work from the office three days per week and work remotely on the remaining workdays. Licenses and Certifications CISA is required. OtherIT/Cybersecurity Professional Certification (e.g., CISSP, CISM, CRISC, CIA) is preferred. Other Qualifications Ability to travel up to approximately 10% locally (San Diego, Los Angeles, Texas), potentially elsewhere nationally required. #J-18808-Ljbffr

We are a forward-thinking company dedicated to safeguarding our digital assets and ensuring the highest level of security for our operations and clients. Our team is composed of innovative professionals who are passionate about technology and information security. We are seeking a skilled Information Security Analyst to join our remote team and help us fortify our security posture.

Job Summary:
As a Remote Information Security Analyst, you will be responsible for monitoring, analyzing, and protecting our organization's information systems from security threats. You will collaborate with various teams to implement security measures, conduct risk assessments, and respond to security incidents. Your expertise will be crucial in creating a secure environment for our critical data and systems.

Key Responsibilities:
- Monitor network traffic and security events to identify potential security incidents.
- Conduct vulnerability assessments and penetration testing to identify weaknesses in systems and applications.
- Develop and implement security policies, standards, and procedures.
- Assist in incident response and investigation of security breaches and threats.
- Collaborate with IT and development teams to ensure security best practices are integrated into new projects and systems.
- Provide security awareness training to employees and stakeholders.
- Stay updated on the latest cybersecurity trends, threats, and technologies.
- Prepare reports on security incidents, vulnerabilities, and compliance with regulations.
- Participate in audits and compliance assessments to ensure adherence to security standards.

Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
- Proven experience as an Information Security Analyst or similar role.
- Strong understanding of network security protocols, firewalls, and intrusion detection/prevention systems.
- Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
- Experience with security tools such as SIEM, antivirus, and endpoint protection solutions.
- Knowledge of risk assessment methodologies and vulnerability management.
- Excellent problem-solving skills and attention to detail.
- Strong verbal and written communication skills.
- Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

What We Offer:
- Competitive salary and benefits package.
- Flexible work hours and a fully remote work environment.
- Opportunities for professional development and training.
- A supportive and collaborative team culture.
- Work-life balance and wellness programs.

How to Apply:
If you are passionate about cybersecurity and ready to make a difference, we want to hear from you! Please submit your resume.

Join us in our mission to protect our digital world!

Information Security Analyst

About IEX

IEX (IEX Group, Inc.) is an exchange operator and technology company dedicated to innovating for performance in capital markets. Founded in 2012, IEX launched a new kind of securities exchange in 2016 that combines a transparent business model and unique architecture designed to protect investors. Today, IEX applies its proprietary technology and experience to drive performance across asset classes, serve investors, and advocate for transparent and competitive markets.

Role Overview:

IEX is looking for an experienced Information Security Analyst to join our Information Security Team. You will perform security compliance and oversight of our environment and utilize security tools and processes to review, detect, investigate and/or escalate events that require further examination. You should have a solid understanding of information security, networking concepts, and strong analytical skills. You should be a strong team player who works with others to drive continuous improvement for yourself, the team and the program.

About You:

• Self-starter who is proactive and entrepreneurial
• Organized, detail-oriented, and process-oriented
• Cross-functional team player, resourceful, and responsive
• Excellent analytical, critical thinking, communication, and problem-solving skills

What You’ll Do:

• Identify security threats by monitoring and correlating events originating from security tooling and event logs
• Apply and maintain standardized procedures to investigate and resolve potential security incidents
• Tune security tooling as required to optimize and enhance the information available for analyzing potential security events
• Identify and track security metrics related to environment and industry trends to create a normalized view of expected network behavior and to detect anomalies
• Assist in running the IEX vulnerability management program as well as identify vulnerabilities that may exist in the environment through available sources and assessments
• Identify and lead projects that further advance IEX’s ability to detect, contain, and eradicate threats
• Review threat intelligence sources for items that are relevant to IEX and investigate those that are applicable
• Perform security and risk assessments of third-party tools, vendors, and systems
• Work within the information security analyst team to perform and optimize operations and compliance oversight processes to confirm adherence to policy requirements

Your Background:

• 3-5 years of experience in an Information Security Analyst role, or equivalent
• B.S./B.A. in Information Technology, Information Security, Computer Science, or a related field
• Strong passion for and background in cybersecurity/information security, or related field experience
• Deep understanding of threats, vulnerabilities, attack methodologies, and countermeasures
• Strong experience with reviewing event logs, syslog, and using SIEM technologies
• Familiarity with NIST standards and the MITRE ATT&CK Framework
• Experience with security tooling, applications, platforms
• SOAR
• Threat Intelligence
• SIEM
• Vulnerability Management Solutions
• AD/Entra ID
• EDR
• CSPM
• Experience with Microsoft Excel

Nice-to-Haves:

• Project management experience
• Technical understanding of networking, operating systems, cloud platforms and related security technologies
• Scripting experience (e.g., Python, Ruby, BASH, Powershell) preferred
• Relevant certifications (e.g., SSCP, GCIH, GCIA, GCFA, CISSP) a strong plus

Our job titles may span more than one career level. The starting annual base pay is between $115,000 and $150,000 for this NY-based position. The actual base pay is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The annual base pay range is subject to change and may be modified in the future. This role is eligible for bonus and equity.

Here at IEX, we are dedicated to an inclusive workplace and culture. We are an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, sex, marital status, veteran status, sexual orientation, genetic information or any other characteristic protected by applicable federal, state or local laws. This policy not only complies with all applicable laws and protects workers' rights but is vital to IEX’s overall mission and values.

VeSync is a portfolio company with brands that cover different categories of health & wellness products. We wouldn’t be surprised if you have one of our Levoit air purifiers in your living room or a COSORI air fryer whipping up healthy and delicious meals for you every night. We’re a young and energetic company, we’ve had tremendous success, and we are constantly growing our team. As we garner more industry attention – just check out our accomplishments and awards by CES Innovation, iF Design, IGA, and Red Dot – we also need driven and talented people to join our team. That brings us to you, and what you’ll be joining. Our teams are smart and diligent and take ownership of their work – they’re confident in their work but know how to collaborate with open ears and a spirit of learning. If you’re down-to-earth, approachable, and easy to strike up a conversation with, this may be a great fit for you. Check out our brands: The Opportunity: As an Information Security Analyst, this role is vital in protecting the organization's IT infrastructure and ensuring the confidentiality, integrity, and availability of systems and data. The position plays a key part in maintaining a secure and resilient digital environment, safeguarding sensitive information, ensuring compliance with regulatory standards, and proactively addressing potential risks. This role directly supports the organization’s ability to defend against emerging cyber threats, respond swiftly to incidents, and uphold the trust of customers and stakeholders. Through collaboration with cross-functional teams, the Information Security Analyst helps develop and implement comprehensive security strategies, drives ongoing improvements in the organization's security posture, and ensures alignment with industry best practices. What you will do at VeSync: Information Security Planning • Develop and implement comprehensive information security plans to safeguard the security of company data and assets , including on-premise and cloud environments. • Thoroughly analyze the company's business processes and data characteristics, and combine industry best practices and frameworks such as NIST Cybersecurity Framework (CSF) to create customized security plans, ensuring the confidentiality, integrity, and availability of information assets in various scenarios. Policy Development and Compliance • Create security policies and ensure that the company's operations are in strict compliance with industry standards (e.g., ISO 27001, NIST, GDPR) and regulatory requirements. • Continuously monitor industry trends and regulatory changes, and adjust security policies in a timely manner to provide a solid security and compliance framework for the company's business operations. System, Network and Cloud Security • Maintain and enhance security measures for systems, networks , and public cloud platforms (e.g., AWS, Azure, GCP) to prevent potential threats. • Utilize advanced technical means and tools to conduct real - time monitoring and risk early warning of systems, networks, and cloud environments, promptly detect and block various attack behaviors, and ensure the stable and secure operation of IT infrastructure . Security Monitoring and Incident Response • Monitor security events in real - time, respond promptly to emergencies, and effectively mitigate risks. • Build an efficient security monitoring platform, use intelligent analysis technology to promptly capture abnormal behaviors, activate emergency response plans, and minimize the impact of security incidents. Security Awareness and Training • Develop and deliver security training programs to enhance employees' security awareness and encourage their adherence to best practices. • Design targeted training courses according to the needs of different positions and use diverse training methods to ensure that employees have a deep understanding of and implement security requirements. Access Control and Identity Management • Oversee user access controls, regularly review permissions, and ensure secure identity management. • Implement a strict access control mechanism, Conduct regular audits of user permissions, and use reliable identity management systems to prevent unauthorized access and ensure the security of company resources. Risk Assessment and Management • Conduct comprehensive risk assessments, identify vulnerabilities, and implement effective mitigation strategies. • Use scientific risk assessment methods and frameworks such as NIST CSF to evaluate potential threats and vulnerabilities, formulate corresponding mitigation measures based on the assessment results, and continuously improve the company's security defense capabilities. What you bring to the role: • Bachelor’s degree in Information Security, Computer Science, or a related field. • 5+ years of experience in information security, with a strong background in security event analysis, incident response, vulnerability management, and risk assessment. • Hands-on experience with public cloud security (e.g., AWS, Azure, GCP), including cloud-native security tools and best practices. • Familiarity with security regulatory compliance standards and frameworks such as NIST CSF, ISO 27001, and CIS. • Knowledge of network security principles, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection. • Understanding these aspects is essential for ensuring the company's security compliance and building a robust security defense system. • Strong analytical and problem - solving skills, with the ability to quickly identify and mitigate security threats. • Relevant security certifications such as CISSP, CISM, CEH are a plus. Location: This is an on-site, office-based role in Tustin, CA. Salary: Starting at $110,000 annually Perks and Benefits: •Company covers 100% for Medical/Dental/Vision insurances for employee AND spouse + dependents! •401K with 4% employer match (eligible after 90 days of employment) and immediate 100% vesting •Voluntary Life Insurance •Disability Insurance •Critical Illness Coverage •Dependent Care FSA •Employee Assistance Program (EAP) •Fully stocked kitchen Seniority level Seniority level Mid-Senior level Employment type Employment type Full-time Job function Job function Information Technology Industries Appliances, Electrical, and Electronics Manufacturing Referrals increase your chances of interviewing at VeSync by 2x Sign in to set job alerts for “Information Security Analyst” roles. Irvine, CA $08,135.00- 173,016.00 1 week ago Long Beach, CA 285,000.00- 335,000.00 1 week ago Manager, Information Security Innovation Engineer (Automation and Innovation) Irvine, CA 200,000.00- 250,000.00 1 week ago Information Security Analyst (SOC 2 Compliance) Irvine, CA 92,400.00- 115,000.00 1 month ago Santa Ana, CA 100,000.00- 125,000.00 6 days ago Rancho Santa Margarita, CA 80,000.00- 110,000.00 1 month ago Cybersecurity Incident Response Engineer Information Security - Network Security Analyst Rancho Santa Margarita, CA 80,000.00- 110,000.00 3 weeks ago Information Security Analyst – Strategic Services Irvine, CA $1 5,000.00- 115,000.00 1 month ago Newport Beach, CA 55.00- 62.00 1 week ago Long Beach, CA 115,000.00- 185,000.00 2 days ago Irvine, CA 90,000.00- 135,000.00 7 hours ago Irvine, CA 90,000.00- 135,000.00 1 week ago Fountain Valley, CA 83,940.00- 120,032.00 2 weeks ago Epic Provisioning and Security Application Analyst I, II, III Whittier, CA 92,955.20- 169,104.00 2 weeks ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr