Auditor, Lead ISO 27001

About The Position

Requirements

• Bachelor's degree or higher in a relevant field such as Information Technology, Information Security, Computer Science, Engineering, or a related discipline, plus relevant professional experience in information security, information systems, or management systems auditing. Equivalent industry experience may be considered in place of a degree.
• Current ISO/IEC 27001 Lead Auditor certification required.
• Minimum four (4) years of experience in information security, information systems, cybersecurity, risk management, or related auditing activities is required.
• Third-party audit experience in ISO/IEC 27001 – ISMS (Required).
• Excellent decision-making and organizational skills.
• Excellent oral and written communication skills.
• Ability to work with moderate supervision.
• Exhibit teamwork mentality.
• Strong attention to accuracy and quality of work performed.
• Flexible in achieving duties.
• Ability to train, assist, coach, or mentor subordinate Auditors as necessary.

Nice To Haves

• Third-party audit experience in ISO 9001 – Quality Management.
• Third-party audit experience in ISO 22301 – business continuity management.
• Third-party audit experience in ISO/IEC 20000-1 – IT service management.
• Third-party audit experience in ISO/IEC 27701.

Responsibilities

• Plan, conduct, and lead audits for all ABS QE audit programs.
• Oversee Information Security Management System (ISMS) standards and programs, including ISO/IEC 27001.
• Attend required training and follow all procedures, processes, and policies.
• Manage clients and a home-based office.
• Follow the training plan to reach assessor and Lead Assessor status.
• Contact clients and schedule visits, plan assessments, make travel plans, conduct assessments, and report and manage the results.
• Perform third-party onsite ISMS audits for North American customers.
• Lead teams, when necessary, and mentor and coach new or inexperienced colleagues.
• Schedule and plan audit activities with customers.
• Interact directly with customers at all levels of management in developing accurate reports regarding the implementation and maintenance of their information security management system.
• Provide timely and accurate reviews of audit results, corrective actions, and closures.
• Participate in additional training based on future business needs and perform other assignments as needed to meet assessment delivery business objectives.
• Review policies, procedures, statements of applicability, risk assessments, and associated documentation for compliance with ISO/IEC 27001 requirements and related ISMS criteria.
• Obtain a working knowledge of the ABS Health, Safety, Quality, and Environmental Management Systems.