Lead Auditor (ISO 27001) | Contract | Long-term | Coventry
I am partnered with a prestigious global consultancy who are looking to hire a Lead Auditor on a long-term contract basis, based in Coventry. Please see the details below:
ISO27001 Lead Auditor
Location: Coventry, hybrid
Length: Initial 6 months
Key responsibilities:
- Develop and implement comprehensive audit plans aligned with organisational risk assessments and relevant standards.
- Conduct audits of clients' Information Security Management System (ISMS) based on ISO 27001, NIST, and other applicable standards to assess compliance and identify areas for continual improvement.
- Conduct independent and objective assessments of the ISMS, evaluating the design, implementation, and effectiveness of information security controls.
- Identify vulnerabilities, control weaknesses, and non-compliance issues through interviews, document reviews, testing procedures, and other established audit methodologies.
- Identify and assess the organisation's information security risks and develop audit reports detailing findings, recommendations, and corrective actions with recommended mitigation measures.
- Collaborate with stakeholders across various departments (IT, HR, Legal, etc.) to implement corrective actions effectively.
- Collaborate effectively with diverse client stakeholders to ensure alignment with Information Security Management policies, procedures, guidelines, and processes.
Key Skills:
- Significant experience in ISO 27001/2 standards for consulting, collaboration, implementation and auditing is highly desirable.
- A strong understanding of information security frameworks like ISO 27001, NIST Cybersecurity Framework (CSF), GDPR, CIS or similar.
- Experience planning, preparing, and delivering internal and external audits, including Compliance Audits.
- Detailed experience and knowledge of Cyber/Information Security Governance, Risk Management, and Compliance.
- Knowledge of industry good practices and procedures; Information Security Management tools, methods and techniques and their applications; ISMS-specific documentation structures, hierarchy and interrelationships; electronic and digital signatures; electronic evidence collection, etc.
- Strong knowledge of audit planning, audit risks, Information Security Process Analysis, information security controls, risk assessment methodologies, vulnerability management principles and Internal Auditing of Information Security Management Systems.
If you are interested in discussing the role further, please apply directly and I will be in touch.
Jade Winter | Maclean Moore