Skills and Experience Requirements:

3+ years of experience as an Information Security Auditor/Internal Security Assessor.

Experience managing controls or compliance with SOC2, ISO 27001, PCIDSS.

Experience managing multiple projects in a fast paced, ambiguous environment, accountability/ownership for the audit project lifecycle.

A high degree of personal integrity, attention to detail, and strong investigative skills.

Associate or bachelor’s degree in  Information Security/IT/Cybersecurity related discipline is preferred.

 

Responsibilities:

Schedule, coordinate, and lead company internal audits. Handle the full internal audit cycle.

Develop and implement of audit program ( ISO/IEC 27001, PCIDSS, GDPR).

Support preparation for external audits, liaise with external auditors, and provide internal guidance in support of external audits.

Plan, implement, monitor, and upgrade security measures to protect the organization’s  data, systems, and networks.

Conduct audits regular audits and provides recommendations.

Maintain, monitor, and improve the audit process. 

Control of implementation of corrective actions addressing nonconformities with management systems standards and  document requirements.