truest.me
Explore CareersSponsor Someone 🎁Log InSign Up
truest.me
AboutCareer Growth ToolsWays to access truestPricingSponsor people/teamsWho is truest for
Terms of useContactPrivacy policytruest is a public benefit company
Copyright Β© 2026, Truest.me. All rights reserved.
Browse Careers
Career Explorer β†’
Tracks
See all β†’
Admin & OfficeAgricultureArts & MediaBusiness OperationsConstructionEducationEngineeringExecutive LeadershipFacilitiesFinanceFood ServiceHealthcareHuman ResourcesLegalMaintenance & RepairMarketingOperationsPersonal CareProductionProtective ServicesReal EstateSalesScienceSocial ServicesTechnologyTransportation
Top industries
See all β†’
HealthcareAdministrative ServicesK-12 SchoolsHospitality & Food ServiceHospital SystemsRetailWholesale & DistributionCatering & Mobile Food ServicesProfessional ServicesHospitals & Medical CentersEducationRestaurants & DiningGovernmentManufacturingAmbulatory Healthcare ServicesAdministrative Support ServicesConstructionFinancial ServicesGeneral Merchandise StoresColleges & UniversitiesConsumer ServicesLocal Government ServicesFull-Service RestaurantsSpecialty Trade ContractorsTransportation & LogisticsReal Estate Services
Top metros
See all β†’
New York-NewarkLos Angeles-Long BeachChicago-NapervilleDallas-Fort WorthHouston-PasadenaWashington-ArlingtonAtlanta-Sandy SpringsPhiladelphia-CamdenMiami-Fort LauderdaleBoston-CambridgeSan Francisco-OaklandPhoenix-MesaSeattle-TacomaMinneapolis-St. PaulDetroit-WarrenRiverside-San BernardinoDenver-AuroraSan Diego-Chula VistaTampa-St. PetersburgOrlando-KissimmeeCharlotte-ConcordBaltimore-ColumbiaSt. LouisAustin-Round RockPortland-VancouverSan Jose-Sunnyvale
Careersβ€ΊRolesβ€ΊInformation Security Auditor
Mid-Level

Information Security Auditor

A specialist auditing information security controls β€” examining how the organization protects data, who has access, how incidents are detected and handled, and where security gaps could expose the business. The audit lens on cybersecurity.

Career Level
Junior
Mid
Senior
Director
VP
Executive
Work Personality
C
I
R
E
S
A
Conventionalorganizing, detail-oriented
Investigativeanalytical, curious
Based on Holland Code framework
Industries that often hire Information Security Auditors
Real EstateProfessional Services Β· 30%Government Β· 23%Technology & Information Β· 10%Financial Services Β· 7%Administrative Services Β· 6%
Job markets for Information Security Auditors
Where Information Security Auditor jobs concentrate Β· ~354 metro areas
Based on employment in related occupations
Mapped SOC categories:
Finance
BLS Occupational Employment Statistics
Jump to:What it's likeCareer pathsBy the numbers
What it's like

What it's like to be a Information Security Auditor

Most days tend to involve controls testing, evidence review, interviews with IT and security teams, and the documentation that supports findings. You'll often test access controls, change management, vulnerability management, incident response, and data protection programs β€” producing findings that map to frameworks like NIST CSF, ISO 27001, SOC 2, or PCI DSS. Engagement cadence varies by employer.

The variance between settings is real β€” internal audit shops at large enterprises have specialized IT and security auditors; Big Four and second-tier audit firms run SOC 2, PCI, ISO certification engagements; consulting firms offer security assessments and program work; regulators audit security at financial institutions and critical infrastructure. Technical credibility with security operations matters β€” auditors who can talk specifics get further.

People who tend to thrive here are comfortable with deep systems thinking, patient with the documentation requirements of audit work, and capable of bridging audit and security cultures. CISA is the dominant credential, with CISSP, CISM, CRISC also common. The work tends to offer strong demand and broad career paths, with the trade-off being the constant evolution of the underlying technology β€” for those who enjoy the security-and-audit intersection, the work compounds in value as institutional knowledge grows.

What people in this role value
Work values data not available for this role.
✦ Editorial β€” written by Truest from industry research and career patterns
Career Paths

Where this role sits in the broader career landscape β€” and where it can take you.

Earning potential across this track
$239K$179K$119K$60K$0KLower paying386 metro areas, sorted by salary level
All experience levels1
This level's estimated range
INDUSTRIES PAYING ABOVE AVERAGE
Energy & Utilities$94K+10%
Technology & Information$94K+9%
Professional Services$92K+7%
Financial Services$83K-3%
Government$82K-4%
Compared to Finance average across all industries
1 BLS OEWS May 2024 covers all Information Security Auditors (SOC 15-1299.05), not just this title Β· BEA RPP 2023
* Top salaries exceed this figure. BLS caps reported wages at ~$240K to protect individual privacy in high-earning roles.
Related rolesExplore Finance β†’
Information Security AuditorSecurity SpecialistSecurity EngineerSecurity AnalystSecurity ConsultantSecurity Control AssessorAI Security Specialist (Artificial Intelligence Security Specialist)Cloud Security EngineerCloud Security ArchitectInformation Security AnalystInformation Technology Security Analyst (IT Security Analyst)Cyber Security TesterCyber Security EngineerInformation Technology Analyst (IT Analyst)Information Technology Consultant (IT Consultant)Data Security AnalystCyber Security AnalystDatabase Security ExpertCyber Security SpecialistApplication Security AnalystComputer Security SpecialistInformation Security OfficerInternet Security SpecialistComputer Security CoordinatorInformation Assurance Analyst+1 more
Exploring the Information Security Auditor career path? Truest helps you figure out if it's the right fit β€” and plan your path forward.
Explore career tools
✦ Editorial β€” career progression and interview guidance based on industry patterns
The Broader Landscape

Roles like this one sit within a broader occupational category. The numbers below reflect that full landscape β€” helpful for context, but your specific experience will depend on level, specialty, and where you work.

$53K–$177K
Salary Range
10th – 90th percentile
439K
U.S. Employment
+8.2%
10yr Growth
31K
Annual Openings

How Information Security Auditor pay & employment are changing

$77K$74K$72K$69K$66K201920202021202220232024$66K$77K
BLS OEWS May 2024 Β· BLS Employment Projections 2024–2034

Skills & Requirements

Reading ComprehensionCritical ThinkingActive ListeningMonitoringWritingSpeakingSystems AnalysisSystems EvaluationQuality Control AnalysisActive Learning
O*NET OnLine Β· Bureau of Labor Statistics
Mapped SOC Codes
15-1299.05

Explore related roles

Roles with similar work and overlapping career paths

juniorJunior Information Security Auditor$109KseniorSenior Information Security Auditor$109KmidSecurity Specialist$80KmidSecurity Engineer$96KmidSecurity Analyst$95KmidSecurity Consultant$95K
View all Finance roles β†’

Common questions about what it's like to be an Information Security Auditor

What does an Information Security Auditor do?

A specialist auditing information security controls β€” examining how the organization protects data, who has access, how incidents are detected and handled, and where security gaps could expose the business. The audit lens on cybersecurity.

How much does an Information Security Auditor make?

Median pay for an Information Security Auditor is about $109K nationally, with the field ranging roughly from $53K to $177K depending on experience, employer, and metro (BLS).

What skills does an Information Security Auditor need?

Core skills for this role include Reading Comprehension, Critical Thinking, Active Listening, Monitoring, and Writing.

What education do you need to be an Information Security Auditor?

Most people in this role hold a bachelor's degree.

Is an Information Security Auditor in demand?

Employment in this field is projected to grow about 8.2% through 2034, with roughly 439,380 people working in it today (BLS).

What jobs are similar to an Information Security Auditor?

Closely related roles include Junior Information Security Auditor, Senior Information Security Auditor, and Security Specialist.

Navigate your career with clarity

Truest gives you tools to understand your strengths, explore roles that fit, and plan your next move.

Explore Truest career tools
Federal data: BLS Occupational Employment & Wage Statistics (May 2024) Β· BLS Employment Projections Β· O*NET OnLine
Truest editorial: Fit check, role profile, things that vary, advancement analysis, lateral moves, interview questions.