Demo

Cybersecurity Audit Analyst

Spence Consulting
Chicago, IL Full Time
POSTED ON 4/9/2026
AVAILABLE BEFORE 6/8/2026

Job Description: Cybersecurity Specialist (Audit, GAP Analysis & Security Program Development) Position Summary

The Cybersecurity Specialist is responsible for assessing, designing, and improving the organization’s cybersecurity posture. This role performs cybersecurity audits, conducts GAP analyses against industry frameworks, provides security recommendations, and develops cybersecurity policies, procedures, and governance programs to reduce organizational risk and ensure compliance with regulatory and industry standards.

The ideal candidate combines technical cybersecurity expertise with risk management, compliance knowledge, and strong documentation skills.

Key ResponsibilitiesCybersecurity Audits & Assessments

  • Conduct comprehensive cybersecurity audits across infrastructure, applications, and business processes.
  • Evaluate security controls, configurations, and operational practices.
  • Identify vulnerabilities, risks, and control deficiencies.
  • Perform internal security reviews aligned with recognized frameworks.

GAP Analysis

  • Perform GAP analyses against cybersecurity frameworks such as:
  • NIST Cybersecurity Framework (CSF)
  • NIST SP 800-171 / 800-53
  • CMMC (Level 1–2 preferred)
  • ISO 27001
  • CIS Critical Security Controls
  • Document current-state vs. target-state security posture.
  • Develop remediation roadmaps and prioritized action plans.

Security Recommendations & Guidance

  • Provide strategic and technical cybersecurity recommendations.
  • Advise leadership on risk mitigation strategies and security investments.
  • Support implementation planning for security tools and controls.
  • Assist IT teams with secure architecture and best practices.

Cybersecurity Program Development

  • Develop and maintain cybersecurity policies, standards, and procedures.
  • Create governance documentation and security frameworks.
  • Establish risk management and compliance processes.
  • Support incident response planning and business continuity strategies.
  • Help build security awareness and training programs.

Documentation & Reporting

  • Produce audit reports, risk assessments, and executive summaries.
  • Track remediation progress and compliance metrics.
  • Present findings to technical teams and executive leadership.

Required Qualifications

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
  • 3–7 years of cybersecurity or information security experience.
  • Experience performing cybersecurity audits or security assessments.
  • Strong knowledge of cybersecurity frameworks and compliance standards.
  • Experience conducting GAP analyses and risk assessments.
  • Demonstrated experience writing security policies and procedures.
  • Understanding of:
  • Network security
  • Endpoint protection
  • Identity & Access Management (IAM)
  • Vulnerability management
  • Cloud security concepts
  • Strong analytical and documentation skills.

Preferred Qualifications

  • Experience with CMMC Level 2 environments.
  • Security certifications such as:
  • CISSP
  • CISM
  • CISA
  • Security
  • CRISC
  • Experience with governance, risk, and compliance (GRC) tools.
  • Familiarity with Microsoft 365, Azure, AWS, or hybrid environments.
  • Experience supporting regulated industries (Healthcare, DoD contractors, Finance, etc.).

Key Skills

  • Cybersecurity auditing
  • Risk assessment & mitigation
  • GAP analysis
  • Policy and procedure development
  • Security architecture understanding
  • Compliance management
  • Technical writing and reporting
  • Stakeholder communication

Typical Deliverables

  • Cybersecurity audit reports
  • GAP analysis documentation
  • Risk register and remediation roadmap
  • Security policies and procedures
  • Compliance readiness documentation
  • Executive security posture reports

Work Environment

  • Hybrid or remote depending on organizational needs.
  • Collaboration with IT, compliance, leadership, and external auditors.

Job Type: Contract

Pay: $45.00 - $55.00 per hour

Compensation Package:

  • 1099 contract

Application Question(s):

  • This opportunity is for a month and half. Once assessment is complete s o is the project.

Experience:

  • Cybersecurity: 2 years (Required)

License/Certification:

  • CISSP (Preferred)

Work Location: Hybrid remote in Chicago, IL 60644

Salary : $45 - $55

If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Cybersecurity Audit Analyst?

Sign up to receive alerts about other jobs on the Cybersecurity Audit Analyst career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$77,991 - $108,747
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$87,466 - $114,731
Income Estimation: 
$114,790 - $146,930
Income Estimation: 
$115,647 - $153,495
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Spence Consulting

CMMMC Level 2 Specialist
Apply
  • Spence Consulting Chicago, IL
  • Position Summary We are seeking an experienced CMMC Level 2 Compliance Engineer to lead and support the development, implementation, and operationalization... more
  • 11 Days Ago
View More Jobs at Spence Consulting

Not the job you're looking for? Here are some other Cybersecurity Audit Analyst jobs in the Chicago, IL area that may be a better fit.

Cybersecurity Analyst
Apply
  • Sentinel Aurora, IL
  • Responsibilities: We are seeking a Cybersecurity Analyst to support one of our customers . This position will be responsible for Threat Analysis, System Mo... more
  • 1 Month Ago
Account Executive - Chicago
Apply
  • Foresite Cybersecurity Chicago, IL
  • Account Executive Foresite is looking for a high-energy, results-oriented Account Executive located in the Chicago area to drive the growth of our Google S... more
  • 3 Days Ago
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!