Description
ISO27001 Auditor
BRAND NEW OUTSIDE IR35 CONTRACT OPPORTUNITY FOR A SECURITY AUDITOR TO WORK FOR A LEADING DEFENCE COMPANY IN ROMSEY.
JOB DESCRIPTION
Plan, implement and follow-up ISO 27001 internal audits in accordance with ISO 27001 internal audit schedule:
- Create comprehensive audit plans based on ISO 27001 and ISO 27002 requirements, controls and guidance, and internal ISMS policies and procedures
- Conduct detailed document reviews against the standards and ISMS for compliance
- Arrange and conduct interviews with appropriate personnel involved with the implementation of the ISMS
- Gather appropriate evidence to support the audit
- Write detailed audit reports, recording findings and noting any deficiencies, observations and opportunities for improvement in accordance with audit procedures and the audit requirements of the standard
- Propose and agree corrective actions as necessary; gain agreement with the report from relevant stakeholders in accordance with audit procedures and the audit requirements of the standard
- Record actions in tracking tool and follow-up as appropriate
SKILLS REQUIRED
Education and Training
- Qualified Information Security Management Systems Auditor, certified by a recognised body
- Qualifications in Information Security, IT Security and Physical Security or related fields would be advantageous
- Training in the ISO 27000 group of standards
Experience
- The successful candidate should have at least two years practical experience of auditing Information Security Management Systems
- Ideally the successful candidate will have experience of implementing and operating Information Security Management Systems
Capabilities and Attributes
- Able to communicate confidently, clearly and effectively at all levels of the business
- Able to work well under pressure with the minimum of direct supervision
- Analytical and logical approach
- Flexible and adaptable
- High level of general literacy and computer literacy
INSURANCE LEVELS REQUIRED
Each party shall maintain such insurances as it deems necessary to meet its obligations during the term of this agreement and includes as a minimum:
- Public liability insurance for a sum of not less than £2,000,000 (two million pounds sterling; and
- Professional indemnity insurance for a sum of not less than £1,000,000 (one millions pounds sterling; and
- Employers' liability at the statutory level pursuant to the Consultancy's right to provide Staff and rights under clause 24.1.