Lead Auditor

View full description

Requirements:

• Advanced Audit and Security certifications/qualifications such as CISSP, CISA, CISM, Institute of Internal Auditors (IIA) or equivalent are preferred.
• Proven experience in IT/IS security auditing, with a strong focus on leading audit engagements.
• In-depth knowledge of information security principles, best practices, and standards.
• Experience leading and building Audit & Assurance Teams.
• Familiarity with GDPR, HIPAA, PCI DSS, ISO 27001, NIST, and NIS.
• Strong communication and interpersonal skills, with the ability to communicate technical concepts to non-technical stakeholders.
• High level of integrity, professionalism, and attention to detail.

Responsibilities:

• Lead Audits: Take charge of planning, organizing, and leading IT/IS security audits from initiation to completion, including defining audit scope, objectives, and methodologies.
• Audit Execution: Execute audit procedures, including reviewing systems, conducting interviews, and analyzing policies and documentation.
• Documentation and Reporting: Document audit findings, communicate results to management and stakeholders, and provide actionable insights.
• Assessment: Identify security vulnerabilities and threats, and develop strategies and recommendations to mitigate risks.
• Compliance Monitoring: Review and report on the organization’s security posture, ensuring compliance with security standards and regulations.
• Continuous Improvement: Collaborate with IT and security teams to implement corrective actions based on audit findings.
• Training and Awareness: Provide guidance and training to staff on security best practices and promote a culture of security awareness.