ISO27001 Lead Auditor
Tata Consultancy Services
Job details
Role: ISO27001 Lead Auditor
Job Type: Permanent
Location: Leamington Spa

Ready to utilise your skills and experience in Cybersecurity? Are you passionate about providing technical expertise on Information Security Management Systems (ISMS) based on ISO 27001 and NIST, and identifying areas for continual improvement? Join us as an ISO 27001 Lead Auditor.

Careers at TCS: It means more

TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands in the UK and worldwide. For you, it means more to make an impact that matters, through challenging projects which demand ambitious innovation and thought leadership.

Be part of an exciting team where you will be challenged every day.
Work closely with the range of teams within the business to bring products to life.
Work with customers and identify opportunities to support their strategy and improve their processes across functions.

The Role

As an ISO 27001 Lead Auditor, you will be responsible for developing and implementing comprehensive audit plans aligned with organisational risk assessments and relevant standards. You will collaborate effectively with diverse client stakeholders to ensure alignment with Information Security Management policies, procedures, guidelines, and processes.

Key responsibilities:

Conduct audits of clients' Information Security Management System (ISMS) based on ISO 27001, NIST, and other applicable standards to assess compliance and identify areas for continual improvement.
Conduct independent and objective assessments of the ISMS, evaluating the design, implementation, and effectiveness of information security controls.
Identify vulnerabilities, control weaknesses, and non-compliance issues through interviews, document reviews, testing procedures, and other established audit methodologies.
Identify and assess the organisation's information security risks and develop audit reports detailing findings, recommendations, and corrective actions with recommended mitigation measures.
Collaborate with stakeholders across various departments (IT, HR, Legal, etc.) to implement corrective actions effectively.
Create ISMS-related documents, checklists, policies and SOPs, conduct ISMS audits, and drive ISMS-related activities throughout all the locations.
Support the organisation/clients in achieving and maintaining ISO 27001 certification.
Design policy frameworks based on ISO 27001, open and close audit meetings, and assist with follow-up audits.
Review and update ISMS audit methodologies and tools based on emerging threats, best practices, and organisational changes.
Adhere to strict ethical standards and organisational information security policies when handling sensitive data obtained during the audit process.

Your Profile

Key skills/knowledge/experience:

Significant experience in ISO 27001/2 standards for consulting, collaboration, implementation & auditing is highly desirable.
A strong understanding of information security frameworks like ISO 27001, NIST Cybersecurity Framework (CSF), GDPR, CIS or similar.
Experience planning, preparing, and delivering internal and external audits, including Compliance Audits.
Experience and knowledge of Cyber/Information Security Governance, Risk Management, and Compliance.
Knowledge of industry good practices and procedures; Information Security Management tools, methods and techniques and their applications; ISMS-specific documentation structures, hierarchy and interrelationships; electronic and digital signatures; electronic evidence collection, etc.
Strong knowledge of audit planning, audit risks, Information Security Process Analysis, information security controls, risk assessment methodologies, vulnerability management principles and internal auditing of Information Security Management Systems.

Rewards & Benefits

TCS is consistently voted a Top Employer in the UK and globally. Our competitive salary packages feature pension, health care, life assurance, laptop, phone, access to extensive training resources and discounts within the larger Tata network.

Diversity, Inclusion & Wellbeing

At TCS, we believe in building and sustaining a culture of equity and belonging where everyone can thrive. Our diversity motto is ‘Inclusion without Exception’. You’ll find a welcoming culture and many internal volunteering and social networks to join. Our diversity, inclusion and social activities involve 12 employee networks including LGBTQ & Allies, mental health, disability & neurodiversity inclusion and many more, as well as health & wellness initiatives and sports events (we even sponsor the London Marathon).

We are open to all and treat applications equally, regardless of ethnicity, disability, gender identity, gender reassignment, age, sexual orientation, or beliefs.

If you are an applicant who needs a reasonable accommodation due to Disability or Neurodiverse Condition to complete an employment application, or during any phase of the hiring process, please contact us at kowsalya.kumartcs.com with the subject line: “Reasonable Accommodation Request”.

Due to a high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion.

Application Process

1. Online application > 2. Technical discussion > 3. Managerial discussion > 4. HR discussion.