Auditor

Job description

About Us

I am supporting a leading notified body providing conformity assessment services for a wide range of industries. Our mission is to ensure safety, reliability, and compliance with regulatory standards. We are seeking a highly skilled Cyber Security / ISO 27001 Auditor to join our team in Italy.

Position Summary

The Cyber Security / ISO 27001 Auditor will be responsible for evaluating and ensuring that our clients' information security management systems (ISMS) meet the stringent requirements of the ISO/IEC 27001 standard. The auditor will conduct audits, assessments, and gap analyses, providing detailed reports and recommendations for compliance and improvement.

Key Responsibilities:

  • Conduct ISO/IEC 27001 certification audits, surveillance audits, and recertification audits for clients across various industries.

  • Perform detailed assessments of clients' ISMS, identifying areas of non-conformity and potential risks.

  • Develop audit plans, schedules, and audit reports in compliance with ISO 19011 and ISO/IEC 27006 guidelines.

  • Provide expert guidance on the implementation and maintenance of ISMS, ensuring continuous improvement and compliance with ISO/IEC 27001 standards.

  • Collaborate with clients to develop corrective action plans and follow up on the implementation of these plans.

  • Stay up-to-date with the latest developments in cyber security and information security standards and best practices.

  • Conduct internal audits and assist in the preparation of external audits.

  • Participate in training and professional development opportunities to maintain and enhance auditing skills and knowledge.

Qualifications:

  • Bachelor’s degree in Information Security, Cyber Security, Information Technology, or a related field.

  • ISO/IEC 27001 Lead Auditor certification is mandatory.

  • At least 5 years of experience in information security auditing, preferably within a notified body or certification body.

  • Strong knowledge of ISO/IEC 27001 standards and the auditing process.

  • Familiarity with risk assessment methodologies, security controls, and best practices in cyber security.

  • Excellent analytical, problem-solving, and decision-making skills.

  • Strong interpersonal and communication skills, with the ability to interact effectively with clients and stakeholders at all levels.

  • Fluency in Italian and English is required; additional languages are a plus.

  • Ability to travel domestically and internationally as required.

Preferred Qualifications:

  • Additional certifications such as CISA, CISSP, or CISM.

  • Experience with other information security standards and frameworks (e.g., NIST, COBIT, GDPR).

  • Knowledge of the regulatory landscape in Europe, particularly related to information security and data protection.