Information Security Auditor

Position Summary

An internal auditor is responsible for evaluating and assessing the effectiveness of an organization's internal controls, risk management processes, and governance systems. They need to conduct audits, identify risks and work on process improvement.

Job Responsibilities

• Perform systematic audits in space of information security management systems (ISMS) to ensure compliance with ISO 27001 requirements
• Audit with cybersecurity frameworks such as ISO 27001, NIST, COBIT, GDPR, or PCI-DSS
• In collaboration with our Governance & Enterprise Risk teams, support the continuous improvement of ISO, SOC and financial IT controls environments
• work with organization to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards
• Examine documents, and reports to assess their accuracy and compliance with ISO 27001, SOC and PCI DSS standards
• Analyze audit results, evaluate deficiencies and assess vulnerabilities to be remediated and develop proposals for solutions
• Engage with various internal stakeholders to gather information and evidence through inquiry and observation and to document reviews related to information security

Qualification

• Experience- 1 -3 Years
• Relevant years of information security experience, with a very strong risk management and technical background
• Should have familiarity with security standards and experience with ISO 27001/2, PCI DSS, SSAE16, NIST/FedRAMP, GDPR etc.
• Knowledge of cybersecurity concepts (threats, vulnerabilities, risk, confidentiality, integrity, availability, cryptography, network/application security, web security, etc.)