We are seeking a qualified and experienced ISO 27001 Auditor to assess, monitor, and improve our Information Security Management System (ISMS) in accordance with the ISO/IEC 27001 standard. The ideal candidate will have a strong understanding of information security principles and best practices and will be responsible for performing internal audits, supporting certification audits, and ensuring continuous improvement of the ISMS.
Key Responsibilities:
Plan, conduct, and report on internal audits of the ISMS as per ISO/IEC 27001 requirements.
Identify non-conformities, risks, and improvement opportunities and follow up on corrective actions.
Assist in maintaining ISO 27001 certification by ensuring compliance with applicable controls and standards.
Provide guidance on the implementation and effectiveness of security controls across departments.
Work closely with stakeholders to ensure risk assessments, asset management, and security policies are up to date.
Support third-party audits and liaise with external auditors and certification bodies.
Keep abreast of regulatory changes and developments in information security standards.
Assist in training staff on ISO 27001 awareness and internal audit procedures.
Document audit findings, prepare audit reports, and present results to management.
Requirements:
Education & Experience:
Bachelor’s degree in Information Security, Computer Science, IT, or a related field.
Minimum of 2–5 years of experience in information security or compliance.
Proven experience conducting ISO 27001 audits.
Certifications (preferred or required):
Certified ISO/IEC 27001 Lead Auditor or Internal Auditor (e.g., PECB, IRCA, BSI, or equivalent).
Other relevant certifications (CISA, CISSP, CISM) are a plus.
Auditor • Delhi, India