Description
We are currently looking for a Security Auditor to join a market-leading Aerospace and Defence company.
Primary Purpose of the Role:
The successful applicant will play a vital role in assuring that the company and its supply chain manages and protects the company's and customer's information appropriately and will ensure that formal risk asses sments and audits are conducted i n a timely manner.
Key Responsibilities and Tasks:
- Support the production, implementation and maintenance of the company's Information Assurance audit schedule.
- Provide support and advice to the development and maintenance of Information Assurance risk registers.
- Provide input and support to the production and development of the security policies.
- Provide support to the Security Working Groups as required by CBUs and Functions t hroughout the company.
- Support the development and implementation of Security awareness campaign s, as required.
Experience:
Essential
- Proven experience in an information security role that includes:
- Assessing information security risk,
- Reviewing security policies and procedures
- Interpretation of historical audit reports
- Writing audit and non-conformance reports
- Develop corrective action plans
- Proven knowledge and experience of ISO27001.
- Able to produce formal security policy and standards documentation to support corporate policy.
- Familiar with legal and regulatory requirements that could impact organisational security policy
Desirable
- Quantifiable experience of implementing Security Policy Framework Mandatory Requirements.
- Proven knowledge and experience of Information Assurance Maturity Model (IAMM)
Qualifications
Essential
- ISO 27001 Internal auditor or similar
Desirable
- Professional Qualifications and Memberships of associations such as
- Certified Information Systems Auditor (CISA)
- CESG Listed Advisor Scheme (CLAS),
- Certified Information Security Manager (CISM),
- Certified Information Systems Security Professional (CISSP)
- ISO27001 Lead Auditor