Information Security Auditor
SDL
Sheffield, UK
5d ago

JOB DESCRIPTION

Job Title : Information Security Auditor

Sheffield or Maidenhead

Responsible to : Global Information Security Lead

Responsible for : Providing independent assurance of the efficacy of SDL’s information security management system in supporting business aims.

Main Purpose of Job

As an Information Security Auditor you will use your knowledge and experience to perform security compliance assessments based on industry frameworks such as ISO27001, the NIST CSF and internal policies and processes.

You will work with specialist individuals and teams to analyse control effectiveness and organisational practices and contribute to the formulation of remediation plans.

The focus of your activities will be to contribute to the continual development and improvement of SDL’s internal and customer facing estate to support SDL’s business aims.

The Information Security Auditor will have an excellent understanding of technology and will be seen as a solutions expert who is able to work with all areas of the business, often acting as a resource to enhance systems that support both general operations and business growth.

Main Duties

1. Provide assurance of the effectiveness of SDL’s security posture in supporting business aims whilst increasing efficiency and maximising ROI.

2. Work with all areas of the business to ensure that strategies relating to Information Security align to company requirements.

3. Develop, maintain and deliver an Information Security audit schedule that considers business goals and appropriate security priorities.

4. Auditing internal practices against SDL’s Information Security standards.

5. Auditing partners against SDL’s Information Security expectations and contractual obligations.

6. Publish and present timely, high quality reports together with findings to SDL executives.

7. Support pre and post-sales process, presentations, and client-specific meetings (including audits) when required.

8. Engage with stakeholders to discuss security issues and opportunities for improvement to contribute to SDL’s continual improvement.

PERSON SPECIFICATION

Qualifications, skills and experience

Essential

1. Batchelor’s degree in computer science, information systems or cyber security. Alternatively demonstrable equivalent experience will be considered.

2. Formal audit qualification such as Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA). Individuals holding appropriate information security related qualifications studying, for CIA or CISA will be considered.

3. Strong, current technology skills and knowledge in a broad range of areas including secure software development and cloud based technologies.

4. Advanced analytical and structured problem solving abilities with an inquisitive approach to work

5. Flexibility / Adaptability fast to respond, thinks on feet, track record of adapting, thinking outside the box, open mind to new tools and changing processes

6. Ability to travel within UK and internationally (when needed). Estimate less than 25% of time.

7. Ideas generator and innovator : always asking Why? How?

8. Self-starter requiring little supervision to complete tasks independently, curious, fast moving pace, self-developer, exhibits interest in world outside SDL and seeks to learn lessons to apply internally.

9. Strong self-management and ability to work independently, or as part of a team.

10. Attention to detail.

11. Advanced written and verbal communication skills with proven ability to write highly technical reports and documentation.

12. Able to explain complex issues to inexperienced people.

13. Suitable time prioritisation and management skills.

Desirable

1. An understanding of and experience working with information security frameworks such as ISO27001 NIST CSF and the HITRUST CSF.

2. Certified ISO27001 : 2013 Lead Auditor.

3. Experience working in a PCI-DSS regulated environment.

Apply
Add to favorites
Remove from favorites
Apply
My Email
By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
Continue
Application form