Lead Auditor ISO 27001

Bureau Veritas Certification CZ, s.r.o.

Location:
Slovenia, Ljubljana

Contract Type:
Not provided

Salary:

Not provided

Job Description:

We are seeking an experienced and autonomous Lead Auditor ISO 27001 to support information security audit activities with clients in Slovenia and potentially across the wider geographic region. This is a freelance, call-based position with interventions scheduled according to agreed planning. Ideal for a seasoned professional with consolidated experience, operational flexibility, and the ability to manage complex audits independently.

Job Responsibility:

  • Conduct ISO 27001 audits: Plan, execute, and report on information security compliance audits at client organizations
  • ISMS assessment: Verify implementation and effectiveness of Information Security Management Systems
  • Non-conformities and recommendations: Identify gaps, prepare detailed reports, and suggest improvement measures
  • Stakeholder communication: Pre-audit briefings, exit meetings, and results discussion with management and IT/Security teams
  • Documentation: Completion of checklists, evidence gathering, photography, and audit documentation per international standards
  • Operational flexibility: Availability for scheduled interventions and, if necessary, short-notice assignments according to planning requirements

Requirements:

  • Lead Auditor ISO 27001 certification (IRCA, PECB, Exemplar Global, or equivalent recognized body)
  • Minimum 3 years of experience in ISO 27001 audits or ISMS
  • Experience conducting audits in Slovenian organizations (or familiarity with Slovenian/EU regulatory context)
  • Strong knowledge of ISMS, risk management, compliance, and information security governance
  • Deep knowledge of ISO/IEC 27001:2022 (and previous versions)
  • Familiarity with NIST Cybersecurity Framework, ISO 27002, ISO 27035 (incident management)
  • Experience with audit methodologies (sampling, evidence gathering, risk-based approach)
  • Ability to assess technical and organizational ISMS controls
  • Basic knowledge of IT environments, cloud infrastructures, data protection (GDPR)
  • Autonomy and reliability
  • Communication
  • Flexibility
  • Problem-solving
  • Professional integrity
  • Slovenian: Fluent (spoken and written) – Essential
  • English: Good level (for technical documentation and international communication)

Additional Information:

Job Posted:
May 09, 2026

Work Type:
On-site work

Similar Jobs for Lead Auditor ISO 27001

Information Security Consultant

PGI is seeking experienced Information Security Consultants to join our contract...
Location:
United Kingdom, London
Salary:
Not provided
Protection Group International
Expiration Date:
Until further notice
Requirements:
  • Proven people and relationship management skills
  • Demonstrable experience providing Information Assurance consultancy
  • Experience in or knowledge of the PCI DSS standard, NIST CSF, DORA, GDPR/DPA
  • ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, Business Continuity or Cloud Security accreditations are highly desirable
  • Experience in conducting risk assessments and forming risk management policies
  • Excellent verbal and written communication skills, with the ability to present to clients and business stakeholders
  • A positive approach to problem-solving and possesses the ability to work smart and collaboratively to prioritise and set deadlines
Job Responsibility:
  • Engaging confidently with clients relating to solving Information Security Governance, Risk, and Compliance problems
  • Providing hands-on compliance and consultancy services across a range of requirements for clients, such as ISO 27001, business continuity, data protection, DORA, or other regulatory compliance needs, including IASME Cyber Essentials
  • Support colleagues in delivery by also assisting with:
      • Information Security Management System (ISMS) design and implementation
      • GDPR gap assessments and implementation support
      • PCI DSS scoping, gap assessments, implementation guidance, and compliance reporting
      • Maturity Assessments
      • Third-party / supplier assurance reviews
  • Providing expertise to enhance our international capacity-building offer and value
  • Contribute towards the maintenance of PGI’s own accreditations, including ISO 27001, ISO 9001 and business continuity as well as compliance with data protection regulations
  • Maintaining your own continuing professional development, keeping up to date with security industry trends and best practices

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location:
United States, Chicago
Salary:
90000.00 - 130000.00 USD / Year
Blume Global
Expiration Date:
Until further notice
Requirements:
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring, and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility:
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer:
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs

Subcon Tutor (ISO Lead Auditor)

We are seeking highly qualified and experienced ISO Lead Auditors to join our ta...
Location:
Philippines, Makati, Manila; NCR; Visayas; Mindanao
Salary:
Not provided
Bureau Veritas Certification CZ, s.r.o.
Expiration Date:
Until further notice
Requirements:
  • Must have a valid Lead Auditor Training Course certification in one or more of the following:
      • ISO 9001 (QMS)
      • ISO 14001 (EMS)
      • ISO 45001 (OSH)
      • ISO 27001 (ISMS)
      • ISO 21001 (EOMS)
  • At least 5 years of working experience in applicable industries such as:
      • Construction
      • Maritime
      • Shipping
      • Academe
      • Manufacturing
What we offer:
  • Flexible Work Arrangements: Work as a subcontractor tutor in your preferred location
  • Professional Growth: Enhance your skills and knowledge through continuous learning and development opportunities
  • Impactful Work: Contribute to the success of various industries by ensuring compliance with ISO standards

Supplier Security Specialist

We are seeking a Supplier Security Analyst to support the end-to-end security as...
Location:
Romania, Bucuresti
Salary:
Not provided
Vodafone
Expiration Date:
Until further notice
Requirements:
  • Experienced in third-party security risk management within complex global organisations
  • Knowledgeable in ISO security standards and security management processes
  • Skilled in stakeholder engagement, with strong communication and influencing capabilities
  • Able to analyse complex information and present findings in a clear, accessible format
  • Familiar with supplier governance and technical countermeasures
  • Professional certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, or ISO 22301 Lead Auditor
Job Responsibility:
  • Act as a subject matter expert on supplier security, including due diligence testing, assessments, and contract negotiations
  • Conduct security assessments based on supplier criticality and initiate appropriate assurance responses
  • Monitor ongoing compliance and manage supplier onboarding, monitoring, and offboarding processes
  • Develop and operate processes, tools, and reports that support supplier security activities
  • Continuously improve the Supplier Security framework in line with evolving threats and industry best practices
What we offer:
  • Hybrid way of working: 2 days from office per week (8 per month)
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the following options: meal tickets / private pension / vacation vouchers / cultural vouchers - within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education
  • We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off
  • Special Paternal Program - 4 months of paid paternity leave
  • Full-time

ISO Quality Compliance Manager

We are seeking an experienced and detail-oriented ISO Quality Compliance Manager...
Location:
Pakistan, Rawalpindi
Salary:
Not provided
Translation Empire
Expiration Date:
Until further notice
Requirements:
  • Deep understanding of ISO standards (e.g., ISO 9001, ISO 27001, ISO 14001)
  • Extensive experience in auditing, quality management systems (QMS), and regulatory compliance
  • Experience in [Insert Industry, e.g., Manufacturing, IT, Healthcare, etc.]
  • Knowledge of other standards like ISO 45001, GDPR compliance, or sector-specific regulations
  • Experience with risk management and business continuity planning
Job Responsibility:
  • Manage and ensure ongoing compliance with ISO standards (e.g., ISO 9001, ISO 27001, ISO 14001)
  • Lead and coordinate ISO certification, surveillance, and recertification audits
  • Develop, implement, and maintain the company’s Quality Management System (QMS) in alignment with ISO and regulatory requirements
  • Review and update quality policies, procedures, manuals, and process documentation regularly
  • Plan, organize, and conduct internal and external audits; ensure timely closure of non-conformities
  • Identify gaps and areas for improvement; lead corrective and preventive action plans (CAPA)
  • Deliver ISO standards and compliance-related training and awareness programs to employees
  • Promote a culture of quality, compliance, and continuous improvement across all departments
  • Full-time

Senior Technology Risk Analyst

The Commercial & New Payment Flows Technology Risk team is seeking a Technology ...
Location:
Ireland, Dublin 18
Salary:
Not provided
Mastercard
Expiration Date:
October 10, 2026
Requirements:
  • Experience: Ideal experience working within digital and technology functions, preferably in a compliance role
  • Reasonable understanding of security and quality management frameworks such as ISO 27001/27002, ISO 9001, ISO 27701, and PCI
  • Bachelor’s degree or equivalent combination of education and experience, or a Bachelor’s degree in computer science, information technology, or a related field is preferred
  • One or more professional certifications like CISA or CISSP (desirable)
  • Professional certifications ISO 27001, ISO 9001 Lead Auditor, and Implementer
  • Reasonable understanding of information security domains and possesses a well-rounded technical background
  • Basic knowledge of infrastructure and application security would be desirable
  • Experience working on GRC tools like Archer would be a significant advantage
  • Excellent communication and problem-solving skills and able to collaborate across global team
  • Demonstrated experience in managing complex projects related to information security
Job Responsibility:
  • Provide consultancy and central coordination for security and compliance activities, encompassing the implementation of ISO 27001, ISO 9001, and ISO 27701, as well as PCI standards within the organisation
  • Identify potential security risks and issues through control assessments and ensure their resolution within specified timelines
  • Establish and monitor remediation efforts both internally and externally until resolution, while simultaneously enhancing the design and operational efficiency of controls
  • Document the outcomes of assessments and prepare assessment reports for key stakeholders
  • Prepare compliance status reports and dashboards for key initiatives, plans, and audit tracking of current processes in accordance with management requirements
  • Data Aggregation & reporting for various risk & compliance activities in support of the larger risk management practices
  • Full-time

Risk and Compliance Manager

The Program Manager position will report to the Head of Risk for the India team ...
Location:
India, Bengaluru
Salary:
Not provided
Atlassian
Expiration Date:
Until further notice
Requirements:
  • Minimum 5 years of experience in IT audit, compliance, control monitoring or a related field
  • Experience with SOC 2, ISO 27001/27018, HIPAA, PCI, C5 and GDPR frameworks and requirements
  • Familiarity with compliance frameworks and standards such as NIST 800-53
  • Experience with the software development business for cloud service providers
  • Experience with Technology Risk Management, Compliance and Information Security
  • Experience with control and risk frameworks, performing compliance and risk assessments, creating controls and overseeing mitigation projects
  • Experience with translating compliance requirements to engineering and product teams
  • Experience with determining scope, timeline creation, complex project tracking, risk management, and process improvement
  • Familiarity with Jira and Confluence
  • Relevant certifications such as CISA, CISSP, or ISO 27001 Lead Auditor are highly desirable
Job Responsibility:
  • Perform design and operating effectiveness testing on controls to ensure compliance with SOC 2, ISO 27001/27018, C5, HIPAA and other compliance obligations
  • Collaborate with control owners to review the design and effectiveness of controls, ensuring they meet certification requirements
  • Identify any gaps in compliance and work with relevant teams to remediate findings before the external audit
  • Drive control automation & control monitoring efforts
  • Maintain comprehensive documentation of controls, testing procedures, and evidence to support compliance efforts
  • Work closely with internal stakeholders, including product and functional teams, to address architectural, infrastructure, or new services that impact compliance
  • Assist in preparing for external audits by ensuring all necessary documentation and evidence are in place and up to date
  • Assess and document the impact of control gaps in SOC reports of critical third party suppliers
  • Identify compensating controls and follow up with business owners
  • Perform design and operating effectiveness testing on predefined Privacy controls to ensure compliance with GDPR
What we offer:
  • health coverage
  • paid volunteer days
  • wellness resources
  • Full-time

Lead Auditor

Our people are ambitious and humble, believing in what they do and convinced tha...
Location:
Malaysia, Kuala Lumpur
Salary:
Not provided
Bureau Veritas Certification CZ, s.r.o.
Expiration Date:
Until further notice
Requirements:
  • Possess a bachelor's degree in information technology (IT)/ information security/ computer science/ cybersecurity/ information systems/ engineering/ business administration (with IT or risk management focus) or any related studies
  • At least 1 - 5 years of experience in information technology, information security, risk management or compliance environment
  • Attend a certified ISO/IEC 27001 Lead Auditor course
  • Familiarity with ISO standards, especially ISO/IEC 27001
  • Strong knowledge of information security principles
  • Work for a certification body conducting third-party audits (will be an advantage)
Job Responsibility:
  • Plan, lead and conduct audits of Information Security Management Systems (ISMS)
  • Ensure that an organization complies with the ISO/IEC 27001 standard, which is the international standard for information security
  • Lead audit teams during internal or external audits
  • Provide recommendations for corrective actions and improvements