Cybersecurity Auditor

We are seeking an analytical and detail-oriented Cybersecurity Auditor to support the evaluation and enhancement of cybersecurity controls across the organization. The ideal candidate will have hands‑on experience in Identity and Access Management (IAM), Vulnerability Management, and/or Security Operations processes, particularly in regulated environments. This role requires strong audit execution skills, regulatory awareness, and the ability to collaborate with stakeholders to drive remediation and continuous improvement.

• Plan, execute, and report on cybersecurity audits, including areas such as Identity and Access Management (IAM), Vulnerability Management, and Security Operations Center (SOC) processes.
• Assess the effectiveness of existing cybersecurity controls, identify gaps, and recommend actionable improvements.
• Collaborate with auditees and cross‑functional audit teams to ensure timely resolution and tracking of audit findings.
• Monitor and validate compliance with internal cybersecurity policies, governance frameworks, and applicable regulatory requirements.
• Conduct cybersecurity risk assessments and support remediation and control enhancement activities.
• Prepare high‑quality audit documentation, including risk findings and recommendations.
• Present audit outcomes, insights, and reports to senior leadership and relevant stakeholders.

• Prior experience in cybersecurity auditing, IT audit, or related cybersecurity roles.
• Hands‑on expertise in at least one of the following domains:
  • Identity and Access Management (IAM)
  • Vulnerability Management tools and processes
  • Security Operations Center (SOC) and incident response
• Professional certifications such as CISSP, CISA, CEH, CRISC, or equivalent.
• Strong understanding of cybersecurity regulatory frameworks, including MAS Technology Risk Management (TRM) or equivalent.
• Strong analytical thinking, problem‑solving abilities, and high attention to detail.
• Excellent written and verbal communication skills, with the ability to present technical concepts to diverse audiences.

• Experience working in the financial services sector or other highly regulated industries.
• Exposure to Governance, Risk, and Compliance (GRC) platforms such as RSA Archer, ServiceNow GRC, or BMC Remedy.
• Familiarity with cybersecurity standards such as ISO 27001, NIST CSF, COBIT, or equivalent frameworks.

Please refer to U3’s Privacy Notice for Job Applicants/Seekers at https://u3infotech.com/privacy-notice-job-applicants/. When you apply, you voluntarily consent to the collection, use and disclosure of your personal data for recruitment/employment and related purposes.