Careers – Information Security Auditor

We are looking for a passionate Information Security Auditor to join our brilliant team.  This is a fantastic opportunity to work in a professional and challenging environment where the standards are consistently set high. 

You should be a good communicator, enthusiastic and eager to learn. This is a client facing job and you will be required to extensively travel around the UK. Therefore, you should have a valid UK driving licence. Due to nature of our work you will be expected to maintain high security and confidentiality of data.

Qualifications

One or more of the following:

  • ISO 27001 Lead auditor/ Lead implementor
  • CISA, CISSP, CRISC, CGEIT, IIA’s CIA
  • GIAC Systems and Network Auditor
  • Masters in IT Security
  • IRM qualifications
  • BCS Practitioner Certificates
  • CPP SIRA
  • CCSK

Key responsibilities

  • Undertake risk assessment to an external standard. Knowledge of multiple platforms and technologies, including cloud solutions
  • Analysis and/or Audits in either Cyber Security or Information Assurance
  • Advise on or Implementing established governance processes and frameworks to bring the best possible value-add solutions to clients
  • Implement Business Continuity Planning and Incident Response Procedures- knowledge of SIEM tools and techniques
  • Apply a management system and develop an information security management plan.
  • Implement or audit ISO27001 standard
  • Understand clients’ business and write bespoke security policies and procedures
  • Create data flow maps and process flow-chart 

Technical skills

One or more of the following areas:

  • Good knowledge of security management systems, governance & international standards
  • Broad understanding of management of cyber security risk, tools and techniques
  • Minimum 2 years of client facing experience in IT Audit/ GRC domain.
  • Broad understanding of IT and security risks, tools and techniques, privacy and data security laws and standards
  • Experience of working with suppliers on data security; internal reviews / audits and follow up
  • Conducting risk assessments, creating compliance policies and procedures
  • Liaising with businesses/regulators to resolve any issues of non-compliance

Essential Professional skills 

  • Proficiency in application of Information Assurance methodologies and analysis frameworks in a range of scenarios
  • Ability to gather data, compile information, and prepare professional reports
  • Ability to communicate with and understand the requirements of clients
  • Fluent in written communications and able to articulate complex issues in plain language
  • Ability to conduct effective research, using literature and other media
  • Flexible attitude and ability to perform under pressure
  • Ability to work independently and to take responsibility
  • Maintain productive, professional and secure working environment
  • Ability to interpret written requirements and technical specification documents

 

If you would like to apply for this position, please email your latest CV at [email protected].

By sending your CV at the above mailbox you consent to us collecting and storing your CV/Application and contact details. We will hold this information securely and process it for recruitment purposes only. Please refer to our privacy statement for more details on our compliance with GDPR and Data Protection.  


Cyber Essentials and IASME