Information Security Auditor and SOC Auditor

We are currently seeking an experienced Information Security Auditor who is familiar with frameworks such as ISO:27001, has previous experience as an Information Security Officer, and is willing to work on a contract basis. Additionally, proficiency in Vulnerability Assessment and Penetration Testing (VAPT) is highly desired.

Job Description: Information Security Auditor (Contract Basis)

As an Information Security Auditor, you will be responsible for evaluating the effectiveness of our information security controls, ensuring compliance with industry standards and regulations, and identifying vulnerabilities within our systems. Your expertise in ISO:27001 and experience as an Information Security Officer will play a crucial role in maintaining the security of our organization.

**Responsibilities**:

- Conduct comprehensive audits of our information security systems, processes, and controls to assess their effectiveness and compliance with industry standards, regulations, and best practices.
- Collaborate with cross-functional teams to identify potential vulnerabilities and recommend appropriate remediation measures.
- Evaluate the implementation and adherence to information security policies and procedures throughout the organization.
- Develop and maintain audit documentation, including audit plans, procedures, and reports.
- Provide guidance and support to stakeholders on information security best practices and compliance requirements.
- Stay updated on emerging threats, vulnerabilities, and industry trends to enhance the effectiveness of security controls.
- Conduct risk assessments and assist in the development of risk mitigation strategies.
- Collaborate with external auditors, regulators, and other stakeholders during audits and compliance assessments.
- Assist in the development and implementation of information security awareness and training programs.

**Requirements**:

- Bachelor's degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CISA, CISM) will be an added advantage.
- Proven experience as an Information Security Auditor, Information Security Officer, or in a similar role.
- Strong knowledge of information security frameworks, particularly ISO:27001, and experience with their implementation.
- Familiarity with industry regulations and compliance requirements (e.g., GDPR, HIPAA, PCI DSS).
- Expertise in conducting Vulnerability Assessment and Penetration Testing (VAPT) using industry-standard tools and methodologies.
- Strong analytical and problem-solving skills, with the ability to assess risks and provide effective solutions.
- Excellent written and verbal communication skills, with the ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
- Detail-oriented and organized, with the ability to manage multiple priorities and meet deadlines.
- Strong interpersonal skills, with the ability to collaborate and build relationships with diverse teams.
- Self-motivated and proactive, with a continuous learning mindset to stay updated with evolving security threats and technologies.

**Job Type**: Contract

Pay: ₹254,705.24 - ₹1,256,382.53 per year

Ability to commute/relocate:

- Mumbai, Maharashtra: Reliably commute or willing to relocate with an employer-provided relocation package (required)

Application Question(s):

- Can you share your approach to conducting risk assessments and developing risk mitigation strategies?
- Have you collaborated with external auditors, regulators, or other stakeholders during audits and compliance assessments? How did you contribute to the successful completion of such audits?

**Experience**:

- total work: 7 years (preferred)