ISO Consultant

A day in the life could include:

• Directly support clients in a variety of roles, such as identifying ISO gaps in compliance, advising on needed remediations or improvements as well as cybersecurity best practices, and providing audit reports
• Documenting findings and drafting reports for clients
• Coordinating and managing Clients regarding internal or external audits, including:
• Control compliance review
• Evidence collection
• Coordination of audit work
• Leading or supporting compliance and risk assessments, including providing guidance to junior resources
• Conducting interviews with clients to analyze their information security controls or risk and identify recommendations
• Execute on multiple client engagements simultaneously
• Communicating with project stakeholders to effectively convey requirements of technical and process improvements.
• Assisting in the development of customized policies, procedures, controls, disaster recovery plans and other documentation for applications, systems, and infrastructure.
• Working with cross-functional teams to provide support on other compliance assessments such as PCI, SOC 2, etc., and maintaining communication across groups
• Additional duties as assigned

Necessary skills and qualifications:

• Bachelor's degree in information security or related discipline from a 4-year University
• Knowledge or exposure to IT audits or IT security
• Plan and execute ISO (27001, 27701, 22301, 42001) engagements under the direction of the management team
• Lead assessments during remote or onsite testing
• Lead scoping calls about client environments
• Communicate clearly and proactively with both clients and the management team regarding project status
• Significant knowledge of ISO 27001/2 and its derivatives (e.g., 27701, 22301 Shared Assessment)
• Significant experience leading information security audits with a preference for IS0 27001 audits or assessments
• Ability to adapt to changing standards and expectations
• Ability to work in a fast-paced environment
• Ability to work individually as well as part of a team
• A high degree of motivation and work ethic, to meet defined timelines
• Excellent communication skills including a mastery of written English

Bonus Points:

• Preferred to have 1-2 years of experience conducting IT assessments with at least one more industry standard framework such as SOC, ISO, PCI DSS, etc.
• At least 2 years experience in client-facing role (e.g., consulting or external auditor)

We've got you covered!

• Comprehensive benefits including: Medical, Dental, Vision & Basic Life Insurance
• Paid Vacations, Sick Time, & Holidays
• 401 (k) with discretionary company match
• Vibrant work culture

Additional requirements:

• Eligibility to work in the United States.

A day in the life could include:

• Directly support clients in a variety of roles, such as identifying ISO gaps in compliance, advising on needed remediations or improvements as well as cybersecurity best practices, and providing audit reports
• Documenting findings and drafting reports for clients
• Coordinating and managing Clients regarding internal or external audits, including:
• Control compliance review
• Evidence collection
• Coordination of audit work
• Leading or supporting compliance and risk assessments, including providing guidance to junior resources
• Conducting interviews with clients to analyze their information security controls or risk and identify recommendations
• Execute on multiple client engagements simultaneously
• Communicating with project stakeholders to effectively convey requirements of technical and process improvements.
• Assisting in the development of customized policies, procedures, controls, disaster recovery plans and other documentation for applications, systems, and infrastructure.
• Working with cross-functional teams to provide support on other compliance assessments such as PCI, SOC 2, etc., and maintaining communication across groups
• Additional duties as assigned

Necessary skills and qualifications:

• Bachelor's degree in information security or related discipline from a 4-year University or a related discipline or seven years of equivalent industry experience.
• Preferred to have 2-5 years of experience conducting IT assessments with at least one more industry standard framework such as SOC, ISO, PCI DSS, etc.
• Knowledge or exposure to IT audits or IT security
• Plan and execute ISO (27001, 27701, 22301, 42001) engagements under the direction of the management team
• Lead assessments during remote or onsite testing
• Lead scoping calls about client environments
• Communicate clearly and proactively with both clients and the management team regarding project status
• Significant knowledge of ISO 27001/2 and its derivatives (e.g., 27701, 22301 Shared Assessment)
• Significant experience leading information security audits with a preference for IS0 27001 audits or assessments
• Ability to adapt to changing standards and expectations
• Ability to work in a fast-paced environment
• Ability to work individually as well as part of a team
• A high degree of motivation and work ethic, to meet defined timelines
• Excellent communication skills including a mastery of written English

Bonus Points:

• ISO Lead Auditor
• Other Certificates such as CISO, CISP, CISM
• At least 2 years of experience in a client-facing role (e.g., consulting or external auditor)

We've got you covered!

• Comprehensive benefits offering
• Paid time off and holidays
• 401 (k) with Company match
• Vibrant work culture

Additional requirements:

• A valid driver's license is required.
• Eligibility to work in the United States.