Lead Auditor ISO 27001

Slovenia, Ljubljana · Job Posted May 09, 2026

Job Description

We are seeking an experienced and autonomous Lead Auditor ISO 27001 to support information security audit activities with clients in Slovenia and potentially across the wider geographic region. This is a freelance, call-based position with interventions scheduled according to agreed planning. Ideal for a seasoned professional with consolidated experience, operational flexibility, and the ability to manage complex audits independently.

Job Responsibility

  • Conduct ISO 27001 audits: Plan, execute, and report on information security compliance audits at client organizations
  • ISMS assessment: Verify implementation and effectiveness of Information Security Management Systems
  • Non-conformities and recommendations: Identify gaps, prepare detailed reports, and suggest improvement measures
  • Stakeholder communication: Pre-audit briefings, exit meetings, and results discussion with management and IT/Security teams
  • Documentation: Completion of checklists, evidence gathering, photography, and audit documentation per international standards
  • Operational flexibility: Availability for scheduled interventions and, if necessary, short-notice assignments according to planning requirements

Requirements

  • Lead Auditor ISO 27001 certification (IRCA, PECB, Exemplar Global, or equivalent recognized body)
  • Minimum 3 years of experience in ISO 27001 audits or ISMS
  • Experience conducting audits in Slovenian organizations (or familiarity with Slovenian/EU regulatory context)
  • Strong knowledge of ISMS, risk management, compliance, and information security governance
  • Deep knowledge of ISO/IEC 27001:2022 (and previous versions)
  • Familiarity with NIST Cybersecurity Framework, ISO 27002, ISO 27035 (incident management)
  • Experience with audit methodologies (sampling, evidence gathering, risk-based approach)
  • Ability to assess technical and organizational ISMS controls
  • Basic knowledge of IT environments, cloud infrastructures, data protection (GDPR)
  • Autonomy and reliability
  • Communication
  • Flexibility
  • Problem-solving
  • Professional integrity
  • Slovenian: Fluent (spoken and written) – Essential
  • English: Good level (for technical documentation and international communication)


Similar Jobs for Lead Auditor ISO 27001


Subcon Tutor (ISO Lead Auditor)

We are seeking highly qualified and experienced ISO Lead Auditors to join our ta...
Location: Philippines, Makati, Manila; NCR; Visayas; Mindanao
Salary: Not provided
Bureau Veritas Certification CZ, s.r.o.
Expiration Date: Until further notice
Requirements
  • Must have a valid Lead Auditor Training Course certification in one or more of the following: ISO 9001 (QMS), ISO 14001 (EMS), ISO 45001 (OSH), ISO 27001 (ISMS), ISO 21001 (EOMS)
  • At least 5 years of working experience in applicable industries such as: Construction, Maritime, Shipping, Academe, Manufacturing
What we offer
  • Flexible Work Arrangements: Work as a subcontractor tutor in your preferred location
  • Professional Growth: Enhance your skills and knowledge through continuous learning and development opportunities
  • Impactful Work: Contribute to the success of various industries by ensuring compliance with ISO standards

Lead Auditor - Cybersecurity Assurance

General Motors Audit Services (GMAS) is seeking a Lead Auditor, Cybersecurity As...
Location: United States, Detroit
Salary: Not provided
General Motors
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or a related field (or equivalent related experience)
  • 5+ years of experience in IT audit, cybersecurity, risk management, or technology assurance, including leading engagements and guiding teams through planning, testing, and reporting
  • Strong understanding of cybersecurity and technology risk, including evaluating confidentiality, integrity, and availability (CIA) across complex, interconnected systems
  • Strong knowledge of internal controls and risk frameworks such as NIST CSF, NIST 800-53, COBIT, ISO 27001, or similar frameworks
  • Understanding of technology infrastructure and operations (e.g., endpoint/server hardening, monitoring, backup/recovery, and change/release practices)
  • Experience assessing controls across core cybersecurity domains such as Identity & Access Management (IAM), privileged access, logging and monitoring, incident response, backup and recovery, vulnerability management, and security configuration controls
  • Strong written and verbal communication skills
  • Demonstrated ability to work independently, exercise sound judgment, manage multiple priorities, and deliver results in a fast-paced environment
  • Domestic travel: 5%–10%. International travel: possible
Job Responsibility
  • Lead end-to-end cybersecurity assurance engagements, including scoping, planning, fieldwork, issue development, and reporting
  • Evaluate the effectiveness of cybersecurity controls across key risk areas such as identity and access management, logging and monitoring, vulnerability management, incident response, backup and recovery, and security configuration
  • Apply a risk-based perspective to identify control gaps, emerging threats, and opportunities to improve cybersecurity resilience
  • Review testing workpapers and evidence to ensure conclusions are clear, supportable, and aligned to audit standards and methodology
  • Develop concise, executive-ready reports that clearly articulate risk, root cause, and practical corrective actions
  • Present results and themes to business and technology leaders, including senior management, and align remediation priorities
  • Coach and support team members throughout the audit lifecycle, including testing strategy, issue validation, and stakeholder communication
  • Build strong working relationships with stakeholders across cybersecurity, IT, privacy, compliance, and other relevant functions
  • Contribute to continuous improvement of the cybersecurity assurance program, including risk assessment, planning, and reusable testing approaches
  • Monitor remediation activity and validate that agreed actions appropriately address identified risk
  • Fulltime

Lead Auditor

Our people are ambitious and humble, believing in what they do and convinced tha...
Location: Malaysia, Kuala Lumpur
Salary: Not provided
Bureau Veritas Certification CZ, s.r.o.
Expiration Date: Until further notice
Requirements
  • Possess a bachelor's degree in information technology (IT)/ information security/ computer science/ cybersecurity/ information systems/ engineering/ business administration (with IT or risk management focus) or any related studies
  • At least 1 - 5 years of experience in information technology, information security, risk management or compliance environment
  • Attend a certified ISO/IEC 27001 Lead Auditor course
  • Familiarity with ISO standards, especially ISO/IEC 27001
  • Strong knowledge of information security principles
  • Work for a certification body conducting third-party audits (will be an advantage)
Job Responsibility
  • Plan, lead and conduct audits of Information Security Management Systems (ISMS)
  • Ensure that an organization complies with the ISO/IEC 27001 standard, which is the international standard for information security
  • Lead audit teams during internal or external audits
  • Provide recommendations for corrective actions and improvements

Information Security Auditor & Standards Lead

We are seeking a highly experienced Information Security Auditor & Standards Lea...
Location: India
Salary: Not provided
Bridge Soft Solutions
Expiration Date: Until further notice
Requirements
  • 5–8 years of experience in Information Security Auditing / GRC
  • Strong hands-on experience with ISO 27001 and SOC 1 / SOC 2 audits
  • Strong understanding of security principles and control frameworks
  • Excellent communication and documentation skills
Job Responsibility
  • Act as Subject Matter Expert (SME) for ISO 27001, SOC 1 / SOC 2, NIST, and CIS frameworks
  • Interpret security standards and translate requirements into auditable controls
  • Ensure controls are designed, implemented, and maintained effectively
  • Provide guidance on mandatory requirements versus best practices
  • Plan and manage ISO 27001 and SOC audits end-to-end
  • Conduct internal audits and ongoing compliance assessments
  • Serve as primary point of contact for auditors and certification bodies
  • Track audit findings, non-conformities, and corrective actions to closure
  • Own and maintain the Information Security Management System (ISMS)
  • Maintain risk assessments, risk treatment plans, and Statement of Applicability (SoA)
  • Fulltime

Principal Information Security Manager

This is not a build-from-scratch role. It is a step up in maturity: fewer manual...
Location: Germany, Berlin
Salary: Not provided
Staffbase
Expiration Date: Until further notice
Requirements
  • 5+ years of hands-on InfoSec experience in a SaaS or B2B tech company
  • Proven ownership of ISO 27001 and/or SOC 2 programs
  • Track record of representing InfoSec to enterprise customers, including security reviews and escalations
  • Fluent in German and English
  • Comfortable with AI-driven tooling; actively looks for automation opportunities in compliance and operations
Job Responsibility
  • Lead ISO 27001 and SOC 2 audit cycles end-to-end in preparation, evidence collection, auditor management, and findings remediation
  • Own the control framework and ensure it stays current as the business evolves
  • Prepare the InfoSec program for investor and M&A due diligence scrutiny
  • Own the response to enterprise customer security questionnaires and RFPs
  • Represent Staffbase credibly in customer security reviews, calls, and audits
  • Build scalable approaches (automation, templates, knowledge base) to reduce response time without sacrificing quality
  • Maintain the risk register and drive risk treatment decisions with relevant stakeholders
  • Own vendor security assessments for critical and high-risk suppliers
  • Partner with Procurement and Legal on AI-assisted review workflows
  • Own the internal security policy framework, keep it current, understandable, and enforced
What we offer
  • attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • flexible working time models and the option of hybrid work
  • yearly flex work allowance of €1560
  • 31 vacation days annually (incl. one floating holiday)
  • pro rata fully paid Fridays off during August
  • company pension scheme
  • one day off per year for supporting a social project (Volunteers Day)
  • Fulltime

Risk & Compliance Auditor

J. J. Keller is seeking a Risk & Compliance Auditor to help strengthen and maint...
Location: United States, Neenah
Salary: Not provided
The Muse
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Business or related field required
  • Minimum of 3 years of related auditing experience required, including exposure to information security controls
  • Experience addressing security and compliance terms in commercial contracts
  • Experience with ISO 27001 and privacy frameworks, and auditing to those frameworks
  • Experience completing security questionnaires and evaluating vendors
  • Experience with Governance, Risk and Compliance tools
  • Strong interpersonal, written, and verbal communication and presentation skills
  • Strong analytical, problem-solving, and conflict management skills
  • A curious and practical mindset that can balance compliance with ethical and business needs
  • Ability to work cross-functionally, with many teams, including sales, infrastructure, security, and product teams
Job Responsibility
  • Coordinates and conducts internal and external audits for SOC 2 Type II, ISO 27001, PCI-DSS, Professional Background Screening Association standards (FCRA) and other standards
  • Evaluates audit results, recommends improvements, and issues deficiency notices as needed
  • Evaluates, monitors and consults on resulting corrective action plans and remediation efforts
  • Coordinates and manages the completion of penetration tests with external consultants and internal resources, and the development, implementation, and monitoring of related corrective action plans, and distribution of resulting reports to interested parties
  • Reviews policies, guidance and training for information security, and provides consulting services promoting overall achievement of corporate security objectives and compliance with regulatory and customer requirements
  • Maintains security incident response plans and metrics
  • Leads evaluation of security incident reports, and execution of incident response efforts, including task management, resource coordination, after action reviews, and incident documentation
  • Participates in business continuity efforts by assisting with annual security incident tabletop exercises and generating a post-exercise review
  • Manages the Optro Governance, Risk & Compliance software platform, including creating audits, deploying audit questions, entering corrective actions, generating reports and monitoring completion status
  • Triages security policy exceptions
What we offer
  • Health Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short-Term Disability
  • Long-Term Disability
  • FSA
  • On-Site Gym
  • Mental Health Benefits
  • Virtual Fitness Classes
  • Fulltime