- Posted 14 August 2024
- Location Italy
- Job type Permanent
- Discipline Commercial, TIC & Notified Bodies
- Reference tb3
Consultant
Auditor
Job description
About Us
I am supporting a leading notified body providing conformity assessment services for a wide range of industries. Our mission is to ensure safety, reliability, and compliance with regulatory standards. We are seeking a highly skilled Cyber Security / ISO 27001 Auditor to join our team in Italy.
Job Description:
Position Summary
The Cyber Security / ISO 27001 Auditor will be responsible for evaluating and ensuring that our clients' information security management systems (ISMS) meet the stringent requirements of the ISO/IEC 27001 standard. The auditor will conduct audits, assessments, and gap analyses, providing detailed reports and recommendations for compliance and improvement.
Key Responsibilities:
- Conduct ISO/IEC 27001 certification audits, surveillance audits, and recertification audits for clients across various industries.
- Perform detailed assessments of clients' ISMS, identifying areas of non-conformity and potential risks.
- Develop audit plans, schedules, and audit reports in compliance with ISO 19011 and ISO/IEC 27006 guidelines.
- Provide expert guidance on the implementation and maintenance of ISMS, ensuring continuous improvement and compliance with ISO/IEC 27001 standards.
- Collaborate with clients to develop corrective action plans and follow up on the implementation of these plans.
- Stay up-to-date with the latest developments in cyber security and information security standards and best practices.
- Conduct internal audits and assist in the preparation of external audits.
- Participate in training and professional development opportunities to maintain and enhance auditing skills and knowledge.
Qualifications:
- Bachelor’s degree in Information Security, Cyber Security, Information Technology, or a related field.
- ISO/IEC 27001 Lead Auditor certification is mandatory.
- At least 5 years of experience in information security auditing, preferably within a notified body or certification body.
- Strong knowledge of ISO/IEC 27001 standards and the auditing process.
- Familiarity with risk assessment methodologies, security controls, and best practices in cyber security.
- Excellent analytical, problem-solving, and decision-making skills.
- Strong interpersonal and communication skills, with the ability to interact effectively with clients and stakeholders at all levels.
- Fluency in Italian and English is required; additional languages are a plus.
- Ability to travel domestically and internationally as required.
Preferred Qualifications:
- Additional certifications such as CISA, CISSP, or CISM.
- Experience with other information security standards and frameworks (e.g., NIST, COBIT, GDPR).
- Knowledge of the regulatory landscape in Europe, particularly related to information security and data protection.