Information Security Auditor & Standards Lead

India · Job Posted April 16, 2026

Job Description

We are seeking a highly experienced Information Security Auditor & Standards Lead with deep, hands-on knowledge of global information security standards and best practices. The individual will independently lead security governance, audit, and compliance activities across frameworks such as ISO 27001 and SOC 2, and continuously enhance the organization’s security and compliance maturity.

Job Responsibility

  • Act as Subject Matter Expert (SME) for ISO 27001, SOC 1 / SOC 2, NIST, and CIS frameworks
  • Interpret security standards and translate requirements into auditable controls
  • Ensure controls are designed, implemented, and maintained effectively
  • Provide guidance on mandatory requirements versus best practices
  • Plan and manage ISO 27001 and SOC audits end-to-end
  • Conduct internal audits and ongoing compliance assessments
  • Serve as primary point of contact for auditors and certification bodies
  • Track audit findings, non-conformities, and corrective actions to closure
  • Own and maintain the Information Security Management System (ISMS)
  • Maintain risk assessments, risk treatment plans, and Statement of Applicability (SoA)
  • Develop, review, and enforce security policies, standards, and procedures
  • Provide standards-driven guidance for new systems, applications, and infrastructure
  • Review new implementations for compliance alignment
  • Advise on control selection, design, and evidence requirements
  • Ensure new implementations are audit-ready by design
  • Provide compliance guidance to Security, Network, IT, Cloud, and HR teams
  • Identify gaps and drive continuous improvement initiatives
  • Support management reviews and executive-level reporting

Requirements

  • 5–8 years of experience in Information Security Auditing / GRC
  • Strong hands-on experience with ISO 27001 and SOC 1 / SOC 2 audits
  • Strong understanding of security principles and control frameworks
  • Excellent communication and documentation skills

Similar Jobs for Information Security Auditor & Standards Lead

8 matching positions

Information Security Consultant

PGI is seeking experienced Information Security Consultants to join our contract...
Location: United Kingdom, London
Salary: Not provided
Protection Group International
Expiration Date: Until further notice
Requirements
  • Proven people and relationship management skills
  • Demonstrable experience providing Information Assurance consultancy
  • Experience in or knowledge of the PCI DSS standard, NIST CSF, DORA, GDPR/DPA
  • ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, Business Continuity or Cloud Security accreditations are highly desirable
  • Experience in conducting risk assessments and forming risk management policies
  • Excellent verbal and written communication skills, with the ability to present to clients and business stakeholders
  • A positive approach to problem-solving and possesses the ability to work smart and collaboratively to prioritise and set deadlines
Job Responsibility
  • Engaging confidently with clients relating to solving Information Security Governance, Risk, and Compliance problems
  • Providing hands-on compliance and consultancy services across a range of requirements for clients, such as ISO 27001, business continuity, data protection, DORA, or other regulatory compliance needs, including IASME Cyber Essentials
  • Support colleagues in delivery by also assisting with: Information Security Management System (ISMS) design and implementation
  • GDPR gap assessments and implementation support
  • PCI DSS scoping, gap assessments, implementation guidance, and compliance reporting
  • Maturity Assessments
  • Third-party / supplier assurance reviews
  • Providing expertise to enhance our international capacity-building offer and value
  • Contribute towards the maintenance of PGI’s own accreditations, including ISO 27001, ISO 9001 and business continuity as well as compliance with data protection regulations
  • Maintaining your own continuing professional development, keeping up to date with security industry trends and best practices

Business Information Security Officer

A senior individual contributor role serving as the cybersecurity liaison for HP...
Location: Ireland, Leixlip
Salary: Not provided
Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements
  • 12+ years of experience in cybersecurity, risk management, or related fields, with significant exposure to financial services regulatory environments
  • proven ability to partner with business executives and influence decision-making through clear articulation of cyber risk in business and regulatory terms
  • deep knowledge of cybersecurity frameworks and controls relevant to financial institutions (NIST, ISO 27001, DORA, SOX, GDPR, etc.)
  • experience engaging with financial regulators, auditors, and external examiners on cybersecurity compliance
  • strong understanding of incident response processes, with the ability to coordinate remediation and communication at the business unit level
  • exceptional communication, stakeholder management, and executive presence
  • bachelor’s degree required
  • advanced degree and/or certifications (e.g., CISM, CISSP, CRISC) preferred.
Job Responsibility
  • act as the primary cybersecurity liaison for HPEFS, partnering with executives to translate cyber risk into business and regulatory impact and enable informed leadership decisions
  • inform the HPEFS leadership about emerging cyber threat landscape to be proactive in protecting the business
  • drive cybersecurity strategies tailored to the regulatory environment for financial services, including but not limited to Central Bank of Ireland requirements, Digital Operational Resilience Act (DORA), SOX, GDPR (cyber-related obligations)
  • lead cyber risk assessments for products, services, and bank operations, ensuring controls meet both enterprise and banking regulatory expectations
  • serve as the on-point liaison during security incidents impacting HPEFS, coordinating with CDRM’s centralized incident response team and driving business-side remediation and communication
  • oversee vulnerability management for HPEFS assets, ensuring issues are tracked, prioritized, and remediated in alignment with regulatory timelines and enterprise standards
  • partner with the HPEFS IT leader to align on security priorities, infrastructure controls, and technology programs impacting financial services operations
  • support closure of audit, regulatory, and compliance findings through coordination of corrective action plans and, where appropriate, risk acceptance processes
  • monitor evolving regulatory requirements and industry trends, advising leadership on compliance gaps, risk exposure, and readiness for regulatory examinations
  • influence enterprise cybersecurity priorities by advocating for HPEFS needs within the broader CDRM strategy
What we offer
  • health and wellbeing benefits
  • personal and professional development programs
  • unconditional inclusion in the workplace.
  • Fulltime

Lead Auditor

Our people are ambitious and humble, believing in what they do and convinced tha...
Location: Malaysia, Kuala Lumpur
Salary: Not provided
Bureau Veritas Certification CZ, s.r.o.
Expiration Date: Until further notice
Requirements
  • Possess a bachelor's degree in information technology (IT)/ information security/ computer science/ cybersecurity/ information systems/ engineering/ business administration (with IT or risk management focus) or any related studies
  • At least 1 - 5 years of experience in information technology, information security, risk management or compliance environment
  • Attend a certified ISO/IEC 27001 Lead Auditor course
  • Familiarity with ISO standards, especially ISO/IEC 27001
  • Strong knowledge of information security principles
  • Work for a certification body conducting third-party audits (will be an advantage)
Job Responsibility
  • Plan, lead and conduct audits of Information Security Management Systems (ISMS)
  • Ensure that an organization complies with the ISO/IEC 27001 standard, which is the international standard for information security
  • Lead audit teams during internal or external audits
  • Provide recommendations for corrective actions and improvements

Chief Information Security Officer

We are seeking an experienced Chief Information Security Officer to lead our inf...
Location: United Kingdom, London
Salary: Not provided
Sokin
Expiration Date: Until further notice
Requirements
  • 10+ years in information security with 5+ years in senior security leadership roles
  • Experience in regulated financial services (payments, banking, or fintech)
  • Track record of building and leading security teams in scale-up environments
  • Experience with FCA regulation, PCI-DSS compliance, and financial services audits
  • Hands-on experience with security incident response and crisis management
  • Deep knowledge of AWS security services (GuardDuty, Security Hub, WAF, KMS, CloudTrail, Config)
  • Experience with containerised environments (EKS/Kubernetes) and serverless security
  • Strong understanding of network security, zero trust architecture, and micro-segmentation
  • Proficiency with SIEM platforms (Splunk, Datadog Security, or equivalent)
  • Knowledge of application security tools: Wiz, SonarQube, Burp Suite, OWASP ZAP
Job Responsibility
  • Define and execute the enterprise information security strategy aligned with business objectives
  • Establish and maintain the Information Security Management System (ISMS) to support constant certification readiness with PCI DSS, ISO 27001 and SOC2
  • Own security policies, standards, and procedures across the organisation
  • Report to the Board and senior leadership on security posture, risk exposure and programme maturity
  • Manage security budget and resource allocation
  • Lead enterprise security risk assessments and maintain the infosec item on the risk register
  • Ensure compliance with FCA operational resilience requirements and SYSC guidelines
  • Maintain PCI-DSS Level 1 compliance across payment processing infrastructure
  • Oversee GDPR, UK Data Protection Act, and international privacy compliance
  • Manage relationships with external auditors, penetration testers, and regulatory bodies
What we offer
  • Competitive salary and equity participation
  • Hybrid working with flexibility
  • Private healthcare
  • Pension contribution
  • Professional development budget
  • Opportunity to shape security strategy at a high-growth fintech

Incident Response Technician - Bilingual English/Japanese

The Incident Response Technician - Bilingual English/Japanese role involves anal...
Location: United States, Jersey City
Salary: 117000.00 - 156000.00 USD / Year
NTT DATA
Expiration Date: Until further notice
Requirements
  • Experience working in Cybersecurity Operations or Information Security
  • Bilingual English/Japanese
  • Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related discipline
  • Relevant technical and industry certifications, such as CISSP, ISSMP, SANS, GIAC, GCIA, CISM, CEH, GCFA, GCFE, GCIH, or GSEC are preferred
  • Experience in one or more security domains including Incident Response and Forensics, Security Governance and Oversight, Security Risk Management, Network Security, or Threat and Vulnerability Management preferred
  • Experience with information security risk management, including information security audits, reviews, and risk assessments
  • Strong Incident Response knowledge and experience
  • Theoretical and practical knowledge with Mac OS, Linux, Windows operating systems and clouds
  • Experience with security data collection, analysis and correlation
  • Well-developed analytic, qualitative, and quantitative reasoning skills
Job Responsibility
  • Conduct analysis of artifacts to determine methods of intrusion and best course of resolution while driving security improvement
  • Investigate potential cybersecurity events across multiple environments using various tools and techniques
  • Development of information security policies, standards, and procedures
  • Support inquiries from compliance teams such as IT risk management and internal and external auditors to ensure documentation is complete and processes are in compliance with information security policies
  • Create reports analyzing activities or trends both within and outside of the organization
  • Support the development of security operations detections, playbooks, and automations to ensure threat detection, monitoring, response, and forensics activities align with best practices, minimize gaps in detection and response, and provide comprehensive mitigation of threats
  • Reviews internal logs and alerts to identify potential cybersecurity events
  • Triage cases based on output from automated alerts, and determine when to escalate to other teams
  • Monitors external service provider activity to detect potential cybersecurity events
  • Analyzes security data from all systems in real time to spot and thwart potential threats, attacks, and other violations
What we offer
  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Fulltime

Information Security Auditor & Standards Lead

We are seeking a highly experienced Information Security Auditor & Standards Lea...
Location: India
Salary: Not provided
Bridge Soft Solutions
Expiration Date: Until further notice
Requirements
  • 5–8 years of experience in Information Security Auditing / GRC
  • Strong hands-on experience with ISO 27001 and SOC 1 / SOC 2 audits
  • Strong understanding of security principles and control frameworks
  • Excellent communication and documentation skills
Job Responsibility
  • Act as Subject Matter Expert (SME) for ISO 27001, SOC 1 / SOC 2, NIST, and CIS frameworks
  • Interpret security standards and translate requirements into auditable controls
  • Ensure controls are designed, implemented, and maintained effectively
  • Provide guidance on mandatory requirements versus best practices
  • Plan and manage ISO 27001 and SOC audits end-to-end
  • Conduct internal audits and ongoing compliance assessments
  • Serve as primary point of contact for auditors and certification bodies
  • Track audit findings, non-conformities, and corrective actions to closure
  • Own and maintain the Information Security Management System (ISMS)
  • Maintain risk assessments, risk treatment plans, and Statement of Applicability (SoA)
  • Fulltime

Senior Information Security Auditor

The Senior Information Security Auditor is responsible for leading internal audi...
Location: Spain, Barcelona
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Strong background in ISO standards and GDPR
  • At least 5 years of experience in information security or IT audit roles
  • Excellent communication skills
  • Excellent analytical skills
Job Responsibility
  • Leading internal audits
  • Ensuring compliance with security standards
  • Mentoring junior auditors