Must have
- Experience: 4–7+ years in GRC, IT audit, or compliance, with a proven track record of successfully completing at least two end-to-end ISO 27001 and/or SOC 2 programs.
- Primary Stack: Deep expertise in ISO/IEC 27001:2022, SOC 2, NIST CSF 2.0, and OWASP ASVS/SAMM/DSOMM.
- Cloud & Compliance: Strong knowledge of cloud security best practices on AWS/Azure/GCP and a solid understanding of HITRUST, GDPR, and HIPAA.
- Tools: Hands-on experience with GRC platforms like Drata, Vanta, or Secureframe.
- English: Upper-Intermediate or Advanced level proficiency.
- Certifications: ISO 27001 Lead Implementer/Lead Auditor, CISSP, CISM, or CISA.
- Regulatory Knowledge: Familiarity with Microsoft SSPA/DPR and NIS2/DORA.
- Security Operations: Exposure to SIEM/SOC (e.g., Microsoft Sentinel).
- Domain Experience: Prior experience in the fintech or healthcare industries.
- Lead GRC Engagements: You will manage end-to-end ISO 27001, SOC 2, and HITRUST readiness projects. This includes everything from gap assessments and risk analysis to coaching clients on implementation and providing support during external audits.
- Act as a vCISO: Serve as a fractional vCISO for our clients, taking ownership of their security roadmaps, risk registers, security awareness programs, and reporting to executive leadership and boards.
- Implement and Manage ISMS: Build and maintain Information Security Management Systems (ISMS), handling all aspects from policy lifecycle management and internal audits to continual improvement.
- Drive Risk Management: Conduct enterprise risk assessments and facilitate threat modeling to proactively identify and mitigate security risks.
- Consult on Core Security Practices: Advise clients on key security practices, including secure SDLC, change management, incident response, and business continuity planning, with a focus on cloud security in AWS, Azure, and GCP.
Full-time working day in our Lviv or Kyiv office (flexible hours) or full-time remote
Interview Stages
- 1st stage - call with Recruiter
- 2nd stage - Technical interview
- Opportunity to improve your skills in a strong technical team
- Work from anywhere (fully remotely or in our office)
- Paid vacations and sick leaves, additional days off, relocation bonus
- Wellness: medical insurance / sports compensation / health check-up + flu vaccination at your choice
- Education: regular tech talks, educational courses, paid certifications, English classes
- Fun: own football team, budget for team lunches, branded gifts
- One of the best IT employers in Lviv based on DOU rating.
Join TechMagic and take your career to the next level!