ISO Lead Auditor

ConfidentialHyderabad / Secunderabad, Telangana, Bengaluru / Bangalore

30+ days ago

Job description

Job Purpose and Key Responsibilities :

Manage a variety of projects within their organization, facilitating the planning and prioritization of complex cybersecurity services.

Primary Role & Responsibilities :

Develop and implement comprehensive audit plans aligned with organisational risk assessments and relevant standards.
Conduct audits of clients' Information Security Management System (ISMS) based on ISO 27001, NIST, and other applicable standards to assess compliance and identify areas for continual improvement.
Conduct independent and objective assessments of the ISMS, evaluating the design, implementation, and effectiveness of information security controls.
Identify vulnerabilities, control weaknesses, and non-compliance issues through interviews, document reviews, testing procedures, and other established audit methodologies.
Identify and assess the organisation's information security risks and develop audit reports detailing findings, recommendations, and corrective actions with recommended mitigation measures.
Collaborate with stakeholders across various departments (IT, HR, Legal, etc.) to implement corrective actions effectively.
Collaborate effectively with diverse client stakeholders to ensure alignment with Information Security Management policies, procedures, guidelines, and processes.
Responsible for creating ISMS-related Documents / Checklists / Policies / SOPs, conducting ISMS Audits, and driving ISMS-related activities throughout all the locations.
Support the organisation / clients in achieving and maintaining ISO 27001 certification.
Designed policy framework based on ISO 27001, opening and closing of an audit meeting, and assisted with follow-up audits.
Review and update ISMS audit methodologies and tools based on emerging threats, best practices, and organisational changes.
Adhere to strict ethical standards and organizational information security policies when handling sensitive data obtained during the audit process.

Key Skills, Experience & Knowledge :

Significant experience in ISO 27001 / 2 standards for consulting, collaboration, implementation & auditing is highly desirable.

A strong understanding of information security frameworks like ISO 27001, NIST Cybersecurity Framework (CSF), GDPR, CIS or similar.

Experience planning, preparing, and delivering internal and external audits, including Compliance Audits.

Should have detailed experience and knowledge of Cyber / Information Security Governance, Risk Management, and Compliance.

Knowledge of industry good practices and procedures, Information Security Management tools-methods-techniques-and their applications, ISMS specific documentation structures-hierarchy-and interrelationships, electronic and digital signatures, electronic evidence collection, etc.

Strong Knowledge of Audit planning, Audit risks, Information Security Process Analysis, information security controls, risk assessment methodologies, vulnerability management principles and Internal Auditing of Information Security Management Systems.

Key Skills / Knowledge :

Personal Profile

Demonstrates JLR Creators' Code of behaviors, Customer Love, Unity, Integrity, Growth and Impact.

Embracing people differences, being empathetic, welcoming challenges together empowering each other to deliver.

Building trust by speaking openly and honestly, listening attentively, and treating others respectfully. Taking initiative and using failure as an opportunity to learn.

A determined individual, highly driven, committed and results-orientated who works with pace, energy and confidence and a strong team player.

An individual who is resilient, energetic and enthusiastic, responds constructively to new ideas and input in a changing business environment.

Skills Required

Iso

Create a job alert for this search

Auditor • Hyderabad / Secunderabad, Telangana, Bengaluru / Bangalore