Lead Auditor

LEAD AUDITOR, ISO  – India BASED, REMOTE

At Prescient Security, we are on a mission to simplify security and compliance.

Our core values are:

• Bring Order to Chaos
• Be Accountable & See it Through
• 1000% With You
• Support & Collaborate
• Think Outside the Box
  
  

Summary:

We are seeking an experienced ISO 27001 Auditor to lead and execute comprehensive information security audits for clients across diverse industries. This role involves planning and conducting remote audits, evaluating ISMS documentation, identifying gaps, and ensuring compliance with ISO 27001 standards. The auditor will prepare detailed reports, verify corrective actions, and provide ongoing guidance to clients. Strong collaboration with internal teams and clear communication of findings to stakeholders is essential. The ideal candidate is detail-oriented, well-versed in ISO 27001, and committed to continual improvement and client success.

Essential Duties and Responsibilities:

• Audit Planning and Preparation
  • Developing Audit Plans: Create detailed audit plans, including scope, objectives, and criteria based on ISO 27001 standards.
  • Reviewing Documentation: Examine the client's Information Security Management System (ISMS) documentation, policies, and procedures to ensure alignment with ISO 27001 requirements.
  • Scheduling Audits: Coordinate and schedule audits with clients, ensuring proper resources and timelines are allocated.
• Conducting Audits
  • Remote Audits: Perform thorough audits remotely, evaluating the implementation and effectiveness of the client's ISMS.
  • Interviews and Observations: Conduct interviews with key personnel and observe processes to gather evidence of compliance.
  • Sampling and Testing: Select samples of evidence and test the implementation of controls to verify compliance with ISO 27001 standards.
• Assessment and Reporting
  • Gap Analysis: Identify non-conformities, areas of improvement, and potential risks in the client's ISMS.
  • Audit Reports: Prepare comprehensive audit reports detailing findings, non-conformities, and opportunities for improvement.
  • Presenting Findings: Communicate audit findings to the client's management team, providing clear and constructive feedback.
• Follow-Up and Corrective Actions
  • Corrective Action Verification: Review and assess the effectiveness of corrective actions taken by clients in response to non-conformities.
  • Follow-Up Audits: Conduct follow-up audits to ensure corrective actions have been implemented and are effective.
• Maintaining Compliance and Continual Improvement
  • Standard Updates: Stay updated with changes and updates to ISO 27001 standards and other relevant regulations.
  • Process Improvement: Recommend improvements to the audit process and methodologies to enhance the effectiveness of the certification body's audit activities.
• Client Relationship Management
  • Client Support: Provide guidance and support to clients in understanding ISO 27001 requirements and achieving compliance.
• Internal Coordination and Communication
  • Team Collaboration: Work closely with other auditors, technical experts, and management within the certification body to ensure consistent and high-quality audit practices.
  • Reporting to Management: Provide regular updates and reports to the management on audit activities, findings, and client compliance status.
    
    

Work Skills and Qualifications:

• 5-7 years of experience as an ISO Auditor
• Continual Learning: Engage in continual professional development to maintain and enhance auditing skills and knowledge of ISO 27001.
• Certifications: Maintain necessary certifications and credentials as an ISO 27001 Lead Auditor.
• Responsible for training, mentoring, and overseeing pods of auditors using the Company's existing processes and tools including Peer Reviewer, Salesforce and Jira
• Responsible for client acceptance, overseeing the audit process, final review, and signing of the reports
• Responsible for handling escalations of respective clients

NOTE: This job description is not intended to be all-inclusive. Employee may perform other related duties as negotiated to meet the ongoing needs of the organization.

Prescient Security provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age disability or genetics.