Job description
Do you have experience in ISO27001 information auditing?
This is an exciting opportunity to join a leading professional services firm who offer a brilliant place of work (remote first) and opportunities for continuing professional development.
We are looking for an Information Security Auditor who is detail orientated to hold the following responsibilities:
- Conducting internal ISO27001 audits, with a focus on IT.
- Documenting non-conformities and opportunities for improvement in accordance with departmental processes.
- Conducting meetings with control owners to ensure completion of items.
- Liaising with the Lead Auditor to ensure that audits are conducted in a timely manner and any risks notified.
- Assisting with compilation of reports to the firm’s Information Security Management Forum and Audit & Risk Committee.
- Helping to improve information security awareness throughout the firm through training, practical advice and sharing knowledge.
- Keeping technical knowledge up to date through attending seminars and reading articles/knowledge emails.
- Reviewing and drafting Standard Operating Procedures.
As part of a relatively small team, you will also need to assist others or work on additional tasks in line with the overall responsibilities of the Information Security & Data Protection function.
Skills and experience that you will bring:
- Ideally you will have ISO27001 audit experience and/or experience in IT risk assessments.
- Ability to work proactively with internal stakeholders to help them seek solutions to information security weaknesses.
* Advantageous if you have worked within the legal sector or within professional services.
If this sounds like something that you would like to do, please submit your CV today.
