Cybersecurity Risk Auditor

Cybersecurity Risk Auditor

Company: TeamFicient

Location: Hybrid (Mostly remote; depending on location)

Employment Type: Full-Time

Salary Range: To be discussed (Negotiable for highly experienced candidates)

Work Schedule

• Time Range: Between 7 AM and 7 PM CST
• Working Hours: 9 hours per day (8 working hours + 1-hour break)
• Days Off: TBD (2 days per week)

Why Join Us?

• Join a US-based cybersecurity company at the start of its UAE expansion
• Work with modern compliance automation, not legacy audit tooling
• Exposure to multi-framework, multi-industry risk engagements
• Opportunity to shape assessment standards and regional delivery practices
• Competitive compensation and growth opportunities

About Us

We are a US-based cybersecurity and continuous compliance automation company expanding operations into the UAE. We help organizations identify, manage, and reduce cyber and regulatory risk through automated risk assessments, compliance mapping, and fractional security leadership—replacing point-in-time audits with ongoing assurance.

As we establish our UAE presence, we are hiring a Cybersecurity / IT Risk Auditor to support client assessments, framework alignment, and risk validation using our proprietary assessment platform.

Position Overview

We are seeking a Cybersecurity / IT Risk Auditor with strong experience in IT risk, security controls, and compliance frameworks to conduct structured risk assessments and compliance audits across regulated industries.

This role is ideal for someone who understands how controls should work in practice, not just on paper, and who is comfortable working with technology-enabled assessment platforms rather than manual spreadsheets.

Key Responsibilities

Risk & Control Assessments

• Conduct cybersecurity and IT risk assessments using our platform.
• Evaluate administrative, technical, and operational security controls.
• Identify control gaps, residual risks, and risk severity based on real-world implementation.

Compliance & Framework Mapping

• Assess client environments against relevant frameworks such as: NIST CSF / NIST 800-53, ISO/IEC 27001, CIS Controls, UAE-relevant regulatory frameworks (PDPL, NESA IA, ADHICS, etc.).
• Map assessment findings to framework requirements within the platform.

Evidence Review & Validation

• Review policies, procedures, system configurations, and supporting evidence.
• Validate evidence quality and relevance without excessive manual documentation.
• Ensure audit defensibility and consistency across engagements.

Risk Reporting & Recommendations

• Produce clear, executive-ready risk summaries and remediation guidance.
• Translate technical findings into business-impact language.
• Support remediation prioritization and risk treatment planning.

Platform & Process Improvement

• Provide feedback on control logic, assessment questions, and workflows.
• Help improve assessment accuracy and scalability within the platform.
• Collaborate with product and compliance teams on framework updates.

Required Qualifications

• 3+ years of experience in IT audit, cybersecurity risk, or technology risk management
• Strong understanding of information security controls and governance
• Experience with risk assessments, internal audits, or third-party audits
• Familiarity with global and local security frameworks
• Ability to assess both technical controls and governance/process controls
• Strong analytical, documentation, and communication skills

Preferred Qualifications

• Experience auditing or assessing regulated industries (healthcare, finance, government)
• Experience with compliance or GRC platforms (platform-based assessments preferred)
• Professional certifications such as: CISA, CISSP, CRISC, ISO 27001 Lead Auditor

Technical/System Requirements

• Desktop or laptop with Intel Core i7 / i9 or AMD Ryzen 7 / 9 (or higher) processor
• Minimum 32GB RAM for multitasking and large file handling
• NVIDIA RTX or AMD Radeon Pro graphics card (recommended)
• Workstation free from noise and distractions
• Stable primary internet connection and backup internet
• USB headset with noise-cancelling microphone
• Backup power source (generator, UPS, or accessible alternative workspace during outages)

Job Type: Full-time

Work Location: Remote