Senior IT Security Auditor

Job Title: Senior IT Security Auditor

We are seeking a highly skilled Senior IT Security Auditor to join our Information Security team. In this role, you will assess, monitor, and enhance the organization's security posture by conducting audits, evaluating controls, and ensuring compliance with industry standards and regulatory requirements. You will work closely with cross-functional teams, providing insights that strengthen risk management and safeguard sensitive information.

Key Responsibilities
* Plan, execute, and lead IT security audits across various systems, networks, and processes.
* Assess vulnerabilities, misconfigurations, and risks related to cybersecurity threats.
* Evaluate adherence to policies, frameworks, and standards such as ISO 27001, NIST, GDPR, PCI-DSS, etc.
* Provide actionable recommendations to enhance security controls and mitigate risks.
* Collaborate with IT, legal, and operations teams to ensure compliance and implement security best practices.
* Conduct risk assessments, penetration tests (where applicable), and gap analyses.
* Prepare detailed audit reports, present findings to senior management, and support remediation efforts.
* Stay up-to-date with the latest security threats, technologies, and regulatory changes.
* Mentor junior auditors and contribute to building a robust audit framework.

Qualifications

• Bachelor's or Master's degree in Information Technology, Cybersecurity, or related field
• 3+ years of experience. Degree or relevant experience. Worked for a software/services org.
• In-depth knowledge of security frameworks (ISO 27001, NIST, CIS, etc.)
• Familiarity with regulatory requirements (GDPR, PCI-DSS, HIPAA, etc.)
• Hands-on experience with security tools and technologies (firewalls, IDS/IPS, endpoint protection, etc.)
• Strong analytical, problem-solving, and communication skills
• Professional certifications such as CISA, CISSP, or CRISC are a plus