Security Auditor - REMOTE

Position Summary:

This position will work with clients to assess, policies, standards, and guidelines against industry standards such as but not limited to ISO27001, NIST CSF and CIS frameworks. The position will ensure clients meet compliance requirements and guide them in developing an improved security posture.

Responsibilities:

• Managing and delivering Information Security audit assignments.
• Defining the scope for Information Security audit assignments.
• Developing and quality assuring security audit reports.
• Travelling to client’s and to other group’s office locations.
• Collaborating with clients to develop appropriate remediation plans.
• Teaming up with colleagues in other lines of services in support of client needs for Information Security Services.
• Following, maintaining, and improving standard operation procedures (SOP).
• Achieve and maintain any required professional certification.
• Research best practices, developments, techniques and trends in information security and determines relevance to client organizations.
• Provides clients with exceptional service in a professional, courteous and timely manner.
• Other related duties as assigned.

Required Education/Credentials/Qualifications:

• Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or equivalent College Diploma and related experience.
• ISACA CISA.
• A good understanding of Linux, Windows, and network security skills.
• Excellent written and oral communication skills in English.
• Ability to meet deadlines and deliver a high-quality product (reports).
• Strong attention to detail.
• Ability to work both independently and perform as a leader in a team environment.
• 5 years minimum information security experience ideally in a fast paced, changing environment.

The following skills are preferred but not required:

• ISO27001 Lead Auditor, PCI QSA, ISACA CISM, SANS Certifications.
• Deep understanding of key information security program development, tool implementation and information security concepts and frameworks.
• In-depth experience designing and implementing information security solutions.
• Understanding of information security frameworks such as ISO/IEC 27001:2022, COBIT, NIST CSF.
• Support team technical development (e.g. through service development or research) and contribute to company technical processes overall.

Travel Expectations:

Must be able to travel.