Overview
We are seeking an independent ISO/IEC 27001 Lead Auditor to provide specialized auditing services for our clients' information security management systems (ISMS). In this contractor role, you will work autonomously to plan and execute audits against ISO/IEC 27001 standards, ensuring compliance and effectiveness of information security controls. Your main focus will be on delivering clear, legally compliant audit reports and managing client relationships throughout the audit process, with flexibility in working methods and location.
Responsibilities
- Deliver scoped ISMS audits against ISO/IEC 27001 to agreed milestones.
- Produce audit plans, evidence records, and final audit reports for legal or regulatory use.
- Perform risk assessments and review policies and controls with client stakeholders.
- Identify nonconformities and document findings with corrective recommendations.
- Maintain audit records and, where necessary, uphold chain of custody standards.
- Provide flexibility in conducting planning, analysis, and reporting remotely.
Requirements
- Current recognized ISO/IEC 27001 Lead Auditor qualification (CQI/IRCA-certified or equivalent).
- Expertise in ISO/IEC 27001, ISMS design, implementation and risk assessment methodologies.
- Strong skills in audit planning, execution, reporting, and evidence collection.
- Solid understanding of information security controls and compliance frameworks.
- Demonstrated experience in cybersecurity, digital forensics, or incident response.
- Excellent written and verbal communication skills for technical and non-technical stakeholders.
- Ability to manage multiple audits and client engagements concurrently.