Senior IT Auditor, Quality

The HITRUST Quality department is seeking a Senior Information Technology Auditor to join our team in Frisco, Texas. This role is ideal for experienced IT auditors, HITRUST External Assessor professionals, or other cybersecurity audit professionals who are passionate about assessment quality, consistency, and the integrity of information security assurance.

This is a highly visible and impactful role serving as a quality gatekeeper for HITRUST certifications. You will work closely with the Assurance, Standards, Legal, and Information Security teams, as well as External Assessors, to help maintain the integrity and credibility of the HITRUST ecosystem.

We are looking for professionals who:

• Have experience performing or reviewing IT audits, HITRUST assessments, cybersecurity assessments, SOC 2 examinations, ISO 27001 assessments, and/or IT general controls reviews.
• Thrive in detail-oriented environments  where analytical thinking and professional judgment are essential.
• Can work independently while  collaborating effectively with internal teams, External Assessors, and  customers.
• Value the importance of relevance and  reliability in assurance and certification processes.

The ideal candidate will possess strong communication skills, a solid understanding of IT audit and risk management principles, and experience evaluating security controls and assessment methodologies. HITRUST Assessor experience, SOC 2 experience, or prior work in IT assurance, compliance, or cybersecurity audit functions is highly preferred.

This position requires minimal travel, making it an excellent opportunity for professionals seeking meaningful, high-impact work with strong work-life balance in a growing and mission-driven organization.

Duties & Responsibilities: 

• Perform quality assurance reviews of HITRUST assessments to  ensure compliance with HITRUST Assessment Handbook requirements, assessment  methodologies, and certification standards.
• Review HITRUST assessment submissions and certification reports  prior to issuance to validate completeness, accuracy, and consistency.
• Lead complex escalated quality reviews involving assessment performance  concerns or disputed results.
• Provide guidance and subject matter expertise to External Assessors, Customers and other stakeholders regarding HITRUST assessment  expectations, control evaluation approaches, and quality standards.
• Monitor active certifications for adherence to HITRUST criteria.
• Investigate actual or suspected control failures or breaches  impacting HITRUST certification status.
• Support thought leadership initiatives by contributing to articles, guidance, and educational content related to cybersecurity assurance, risk management, compliance, and HITRUST assessments.
• Develop and review reporting and metrics related to assessment quality, certification integrity, assessor performance, and program effectiveness.
• Collaborate with internal teams including Assurance, Standards, Information Security, Legal, HR, and Product to support organizational quality initiatives and continuous improvement efforts.

Required Skills & Qualifications: 

• Bachelor’s degree from an accredited college or university, or equivalent professional experience
• 3–7 years of experience performing, reviewing, or managing IT audits, cybersecurity assessments, or risk assurance engagements, including areas such as: HITRUST assessments, SOC 1, SOC 2, ISO 27001, PCI audits or examinations, IT General Controls (ITGC) reviews, Information security audits, Risk and compliance assessments
• Prior experience working for a HITRUST External Assessor organization, public accounting firm, internal audit function, or information security assurance/compliance team
• Strong understanding of risk management principles and control testing methodologies
• Knowledge of information security and compliance frameworks such as HITRUST CSF, SOC 2, ISO 27001, NIST, HIPAA, or related control frameworks
• Proven ability to analyze complex assessment scenarios, evaluate supporting evidence, and apply professional judgment in a quality assurance or audit environment
• Strong written and verbal communication skills, including the ability to clearly explain technical and audit-related concepts to diverse audiences
• Excellent analytical, organizational, and critical thinking skills with exceptional attention to detail
• Ability to work independently while collaborating effectively across teams and with external stakeholders

Preferred Skills & Qualifications:

• Demonstrated ability to leverage AI and automation tools to  improve efficiency, productivity, and analytical capabilities
• History of writing blogs, thought leadership, educational  material, LinkedIn posts, etc. on cybersecurity topics
• Experience designing reports in Domo, or other data analytics  tools
• Knowledge of the criteria within the HITRUST Assessment  Handbook
• Experience in executing, leading, and/or reviewing HITRUST  Assessments.
• CISA, HCISPP, CISM, CIA, CISSP, CCSFP, CHQP or similar  certification 

About HITRUST

HITRUST is the leader in validated cybersecurity assurance used in third-party risk management and compliance. HITRUST delivers assurance and certification programs for the application and independent validation of security, privacy, and AI controls, harmonized across more than 60 authoritative standards and frameworks. Its threat-adaptive approach combines tiered, selectable assessments (e1, i1, r2, and AI), an ecosystem of over 100 independent assessment firms, centralized quality assurance, standardized reporting, and a powerful SaaS platform to enable consistent, defensible, and scalable assurance. HITRUST delivers the only assurance certification with defensible proof of security, demonstrated by a 99.62% breach-free rate among certified environments in the 2026 Trust Report. For nearly 20 years, HITRUST has defined the standard for trustworthy cybersecurity proof, helping organizations demonstrate measurable cybersecurity resilience across their enterprises and third-party ecosystems.

HITRUST is an equal opportunity employer that is committed to diversity and inclusion in the workplace. 

We prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.