Information Security Auditor
My client, a market leader in their professional services sector are currently looking for a security auditor to work full time on one of their largest customer sites, near Newcastle. This is a newly created role, with the ability to shape your career path. Sitting in a wider information security team dispersed across the UK, you will have the opportunity to interact with multiple stakeholders on client site and internally. This is a fantastic opportunity to be a part of something new, in a business actively investing in security.
- Identify areas to be audited and type of audit required.
- Review policies prior to audits.
- Interrogate systems for evidence and accuracy.
- Collect evidence on current practices and results.
- Analyse findings and identify risks and non-compliances.
- Feedback on findings to relevant management via a clear and constructive written report with recommendations where they can be made.
- Production and management of action plans, ensuring responsibilities and deadlines for actions are assigned.
- Align security standards with internal and external authorised partners to ensure global consistency - PCI DSS, ISO27001 etc.
- Through auditing and investigations, be able to identify information security risks against client and applicable standards.
- Communicate with relevant personnel at all levels in the business to ensure that appropriate risk treatments are put in place and delivered.
- Support the business in selecting controls which will be a part of the company's risk treatment plan.
- Verify that the controls are in place and are effective and appropriatDeliver briefs and presentations as required internally.
- Assist in the development and delivery of Information Security Training.
- To drive security committee meetings and forums with correct audience.
- Feed relevant outputs into the company wide governance program.
- One or more years in an information security position such as security administrator/auditor
- Knowledge of global Information Security Standards ie ISO27001, PCI DSS, NIST, COPC
- Ideally some exposure to apple technologies.
To apply for the role please send your CV to (see below) Or for more information call Mary.