Description
The Auditor, Lead will plan, conduct, and lead audits for all ABS QE audit programs.
What You Will Do:
- Responsible for working with Certification personnel to oversee Information Security Management System (ISMS) standards and programs, including ISO/IEC 27001.
- Responsible for attending any required training and following all procedures, processes, and policies within ABS-QE for management of clients, management of a home-based office, use of ABS-QE equipment, and communication both internal and external to the organization.
- Responsible for following the training plan developed by the Global Competency Program to reach assessor status and then Lead Assessor status through the prescribed program.
- Work with Client Service Representatives to contact clients and schedule visits, plan assessments, make travel plans, conduct assessments, and report and manage the results.
- Perform third-party onsite ISMS audits for North American customers.
- Responsible for leading teams, when necessary, and mentoring and coaching new or inexperienced colleagues as needed to meet business needs.
- Schedule and plan audit activities with customers.
- Interact directly with customers at all levels of management in developing accurate reports regarding the implementation and maintenance of their information security management system.
- Provide timely and accurate reviews of audit results, corrective actions, and closures.
- Participate in additional training based on future business needs and perform other assignments as needed to meet assessment delivery business objectives.
- Review policies, procedures, statements of applicability, risk assessments, and associated documentation for compliance with ISO/IEC 27001 requirements and related ISMS criteria.
- While the position is remote, regular travel (50%+) to client sites and project locations is a core part of the role.
What You Will Need:
Education and Experience
- Bachelor's degree or higher in a relevant field such as Information Technology, Information Security, Computer Science, Engineering, or a related discipline, plus relevant professional experience in information security, information systems, or management systems auditing.
- Equivalent industry experience may be considered in place of a degree.
- Current ISO/IEC 27001 Lead Auditor certification required.
- Minimum four (4) years of experience in information security, information systems, cybersecurity, risk management, or related auditing activities is required.
- The ideal candidate will have third-party audit experience in:
  - ISO/IEC 27001 – ISMS (Required)
  - ISO 9001 – Quality Management.
  - ISO 22301 – business continuity management.
  - ISO/IEC 20000-1 – IT service management.
  - ISO/IEC 27701
Knowledge, Skills, and Abilities
- Excellent decision-making and organizational skills.
- Excellent oral and written communication skills.
- Ability to work with moderate supervision.
- Exhibit teamwork mentality.
- Strong attention to accuracy and quality of work performed.
- Flexible in achieving duties.
- Ability to train, assist, coach, or mentor subordinate Auditors as necessary.
- Obtain a working knowledge of the ABS Health, Safety, Quality, and Environmental Management Systems.
Salary: $105,000 - $120,000
Reporting Relationships:
Reports to the Director of Certification, Operations or another designated manager. This position currently supports third-party contractors working on ISMS programs.
Notice:
This position requires access to information that is subject to control by the Export Administration Regulations and/or the International Traffic in Arms Regulations. Any offer of employment shall be contingent upon the Company’s verification that the candidate is a “U.S. Person” or upon the receipt of all necessary export licenses or authorizations that may be required by U.S. export control laws. “U.S. Persons” are defined as U.S. citizens, U.S. lawful permanent residents (i.e., “green card” holders), or any individual granted protected status under the Immigration and Nationality Act (8 U.S.C. § 1324b(a)(3)), including asylees and refugees. In the event a candidate refuses or cannot otherwise provide the necessary information for the Company to determine whether such licenses may be required, or for the Company to obtain any required licenses, the Company shall maintain the exclusive right to discontinue the application process and/or withdraw any contingent offer that has been made.