Auditor, Lead ISO 27001

About The Position

Requirements

• Bachelor's degree or higher in a relevant field such as Information Technology, Information Security, Computer Science, Engineering, or a related discipline, plus relevant professional experience in information security, information systems, or management systems auditing.
• Equivalent industry experience may be considered in place of a degree.
• Current ISO/IEC 27001 Lead Auditor certification required.
• Minimum four (4) years of experience in information security, information systems, cybersecurity, risk management, or related auditing activities is required.
• Third-party audit experience in ISO/IEC 27001 – ISMS (Required).
• Excellent decision-making and organizational skills.
• Excellent oral and written communication skills.
• Ability to work with moderate supervision.
• Exhibit teamwork mentality.
• Strong attention to accuracy and quality of work performed.
• Flexible in achieving duties.
• Ability to train, assist, coach, or mentor subordinate Auditors as necessary.
• Obtain a working knowledge of the ABS Health, Safety, Quality, and Environmental Management Systems.

Nice To Haves

• Third-party audit experience in ISO 9001 – Quality Management.
• Third-party audit experience in ISO 22301 – business continuity management.
• Third-party audit experience in ISO/IEC 20000-1 – IT service management.
• Third-party audit experience in ISO/IEC 27701.

Responsibilities

• Plan, conduct, and lead audits for all ABS QE audit programs.
• Oversee Information Security Management System (ISMS) standards and programs, including ISO/IEC 27001.
• Attend required training and follow all procedures, processes, and policies within ABS-QE.
• Follow the training plan developed by the Global Competency Program to reach assessor status and then Lead Assessor status.
• Contact clients and schedule visits, plan assessments, make travel plans, conduct assessments, and report and manage the results.
• Perform third-party onsite ISMS audits for North American customers.
• Lead teams, when necessary, and mentor and coach new or inexperienced colleagues.
• Schedule and plan audit activities with customers.
• Interact directly with customers at all levels of management in developing accurate reports regarding the implementation and maintenance of their information security management system.
• Provide timely and accurate reviews of audit results, corrective actions, and closures.
• Participate in additional training based on future business needs and perform other assignments as needed.
• Review policies, procedures, statements of applicability, risk assessments, and associated documentation for compliance with ISO/IEC 27001 requirements and related ISMS criteria.

Benefits

• Medical insurance (PPO and HD)
• Dental insurance
• Vision insurance
• Health Savings account (HSA)
• Flexible Savings Account (FSA)
• Life insurance
• Accidental death and dismemberment insurance
• Disability leave programs
• Parental leave program
• Paid holidays
• Paid vacation time
• Employee Assistance Plan (EAP)
• 401K plan with a generous company match