ISO 27001 Lead Auditor

  • Full Time
  • Remote

The ISO 27001 Lead Auditor role can be either a full-time, client-serving position, with the expectation that he / she will work overtime as needed to fulfill job and client responsibilities, or a contractor role, depending on the applicant’s circumstances. The position carries the expectation that he / she holds the ISO 27001 Lead Auditor designation. The ISO 27001 Lead Auditor’s primary duties include planning and performing cybersecurity and compliance assessment services that require expertise in this area, while collaborating closely with management on projects.


  • Actively lead projects in the areas of ISO 27001.
  • Communicate with project stakeholders to effectively convey requirements of technical and process improvements.
  • Possess a strong knowledge of IT security across various frameworks (e.g. NIST, SOC 1/2, etc.).
  • Demonstrate a strong understanding of current and upcoming trends in cybersecurity compliance.
  • Work on multiple projects in varying stages through completion and issuance of final deliverables.

  • Communicate progress to managers and partners.
  • Monitor workflow and deliver high-quality deliverables.
  • Develop and maintain strong relationships with client personnel and prospective clients.
  • Expect 25 – 50% travel depending on COVID-related restrictions.
  • Scope, plan and execute projects related to our service offerings (SOC reporting, PCI, HIPAA, ISO 27000, NIST 800-53/171, HITRUST, Vendor Privacy Assurance, GDPR and various other risk-based projects) with a primary focus on ISO ISMS audits (approximately 60-70%).
  • Function within and maintain a team environment.
  • Oversee and / or assist in the development and cross-training of other personnel.
  • Significant experience (minimum 2 years) in leading ISO 27001 audits or assessments.

The Company’s primary office location is in St. Petersburg, Florida; however, the position can be conducted remotely, with travel to various client locations as needed.


  • Bachelor’s Degree in Management Information Systems, Accounting, Finance or a related field.
  • At least 4 years of practical work experience in IT, with at least 2 years in a role / function relating to information security.
  • Has successfully completed 5 days of training covering ISMS audits and currently holds any of the following: CPA, CISA, CISSP, PCI QSA and / or CIA, or an equivalent certification.
  • Gained experience by performing as an auditor in training, monitored by an ISMS evaluator, in at least one ISMS initial certification or re-certification and at least one surveillance audit.


  • Significant knowledge of ISO 27001.
  • Communicate effectively across business and technical boundaries.
  • Work independently with minimal guidance.
  • Be proficient in writing executive-level reports and technical documentation.
  • Connect easily with clients and colleagues.
  • Currently holds the ISO 27001 Lead Auditor designation.
  • 2 to 5 years of cybersecurity, public accounting, or IT auditing experience.
  • Professional with good oral and written communication skills; strong computer skills (Microsoft Office).
  • Demonstrated consistency in values, principles, and work ethic.
  • Strong, demonstrated technical skills necessary for scoping and executing projects.
  • Excellent organizational skills, with the ability to pull projects over the finish line.
  • Professional services industry experience in a related field preferred.
  • Minimum of 6 ISO 27001 certification projects completed.
  • ISO 27017, 27018 and/or 27701 experience is desired but not required.
  • Demonstrated entrepreneurial abilities, client focus, industry savvy, and the ability to work independently and as part of a collaborative team.

To apply for this job email your details to