Cyber Security Audit Analyst

The Panther Group is hiring multiple W2 Contract (12 months with potential for multiple extensions), Hybrid (2 days in office in Boston), Cybersecurity Audit Analysts to work with one of our partners in state government.Kind Note: This role is not available for Visas (OPT, H1B, etc.) and does not permit sponsorship now or in the future. Also, this role does NOT permit C2C (Corp to Corp) or third party recruiters to apply. Please do not call the recruiter or the office to solicit.Hybrid Requirements:This role requires that you be in commuting distance of Boston for the required 2 days on site. The primary work location for this role is downtown Boston, MA. The work schedule for this position is Monday through Friday, 9:00AM - 5:00PM EST. (37.5 hours each week). This position follows a hybrid work model, with a minimum onsite presence of approximately 40% (typically two days per week), with specific expectations determined by business leaders s based on operational needs. Occasional local travel to industry-related events or local offices may be required.Job Description:We are hiring multiple Cybersecurity Audit Analysts with a minimum of five (5) years of relevant experience. The selected candidates will play a key role in executing and enhancing the our client's cybersecurity audit program, including both internal audit activities and coordination of external audit responses.This position requires strong knowledge of cybersecurity frameworks, auditing methodologies, and risk management practices, along with the ability to work collaboratively across agencies and organizational levels.As a member of the ERM (Enterprise Risk Management) team, you will significantly contribute to enterprise-wide governance, risk and compliance program ensuring compliance with all relevant legislative, regulatory, statutory, and contractual requirements related to Information Security. The candidate selected will collaborate with various members and levels of the organization to ensure we are reviewing and updating applications, systems, user lists, and vendor reviews on a regular periodic and continuing basis.All offers of employment into this position are conditional and subject to passing: a Massachusetts Criminal Background Check (CORI); a security clearance (fingerprinting) consistent with IRS and/or public safety requirements; and security training.This position does not allow for visa sponsorship or subcontracting.Responsibilities:Internal audit reviewAssist deputy chief risk officer, continue to formalize and automate the ERM audit programConduct regularly scheduled reviews of internal processes to ensure recommended risk mitigating controls are fully implemented, followed, documented and effective.Coordinate with ERM risk analysts to ensure internal reviews include current mitigating control recommendationsEmploy analytical skills to conduct audit tests, participate in meetings and interviews, and assess procedural documentationCreate comprehensive reports of audit findings to inform staff and executives of needed updates or improvementsProactively inform senior management of significant risks or exposures related to internal controls, compliance, and/or governance requiring prompt attentionManage the process to track, follow up, and ultimately ensure closure of all open audit issuesExternal audit responseCoordinate and follow through with numerous individuals for various audit responsesObtain and provide comprehensive responses to internal and external audit requests.Build and maintain positive working relationships across all levels and functional areas.Meticulously track and document responses to and from multiple sources in a timely and succinct manner.Oversight of the internal audit liaison programAssist documentation of ERM audit program practices and procedures to include templates and reference guides.Plan and schedule program deliverables, goals, milestones.Other responsibilities as assigned.Required ERM Knowledge, Skills & Abilities:At least five (5) years of experience in cybersecurity audit, IT audit, risk management, or complianceStrong knowledge of cybersecurity and control frameworks (e.g., NIST, CIS Controls)Experience performing audits, risk assessments, program evaluations, and conducting research using quantitative and qualitative methods in a government or highly regulated environment.Demonstrate ability to multitask, prioritize, and meet deliverables for various and fluid responsibilities and initiatives.Exceptional organizational skills include acute attention to detail especially involving the gathering, updating, tracking, and reporting of data from multiple sources.Ability to maintain a consistent and timely follow-through of all requests requiring a response from various members and all levels of the organization.A working knowledge of IT, Network infrastructure, software application and software vendor disciplines desired.Required General Knowledge, Skills & Abilities:Excellent verbal and written communication skillsThe ability to work independently as well as part of a team.Strong adaptability to evolving challenges and changing priorities.Ability to think critically, analyze situations, solve problems, and make informed decisions to address complex challenges.Strong ability to understand and effectively communicate (verbally and written) across varying levels of the organization.Pay Rate Range is: $65 - $70 an hour

Created: 2026-05-15