ISO 27001 Specialist - Midrand

Salary: Negotiable
Location: Midrand, Gauteng
26-02-2015 8:56:29 AM
26-03-2015 8:56:29 AM
Our client is looking for an ISO 27001 Specialist for a contract (6 months – 8 months).
We’re seeking an enthusiastic and skilled ISO 27000 Specialist to provide reliable and effective support to the Senior Manager. The ISO 27000 Specialist will be responsible for documenting and implementing the ISO 27000 system, conducting ISO27001 internal audits, and maintaining the system based on established policies, procedures and standards throughout the company.
· Define, document and implement the ISO 27000 standard within the organization
· Define, track and manage the ISO 27000 audit schedule
· Liaise with staff to arrange and conduct audits
· Monitor and direct team to act in accordance with company initiatives, processes and methodologies
· Transfer knowledge, monitor team performance on engagements, and provide useful feedback
· Prepare audit checklists based on internal policies, procedures, processes and work instructions and against ISO27001 standards
· Gather audit evidence through observation, interview and sampling of documents and records
· Detect non-conformities, make recommendations and suggest opportunities for improvement
· Present, to the line manager, key findings in factual audit reports that help to improve the effectiveness of the ISMS
· Monitor the Variance Report Log and liaise with the BPM Manager and IT Gov Manager to ensure non-conformities are corrected in a timely manner
· Run new starter induction sessions for staff, giving an overview of quality and information security
· Help staff understand their information security responsibilities
· Initiate, facilitate, and promote activities to foster ISO 27000 quality, environmental and information security awareness within the organisation
· Identify and, where applicable, give internal quality and information security training in established processes and procedures to staff
· Progress quarterly UK process measures submissions
· Perform monthly compliance checks for all legal, statutory and regulatory requirements
· Facilitate the annual ISO 27000 External Audit Review
· Participate in department-wide process improvement initiatives and special projects
· Assist in performing entity-level risk assessments
· Track and report progress on goals and milestones to project leadership
· Partner with stakeholders to assess the adequacy of the corrective actions taken by management, business, or process owners to improve governance, risk management and control issues in the ISMS environment
· Ensure all ISO 27000 documents are uploaded and maintained on the Document Management System (DMS)
PERSON SPECIFICATION
This is an excellent opportunity to work within an organisation that is committed to employee welfare and relations.
The candidate must possess the skills needed to assess and report on the conformance and effective implementation of processes, and to contribute to the continual improvement of a quality management system based on the ISO 9001:2008, ISO27001:2005 and ISO14001:2004 standards.

Essential
· Bachelor’s Degree in IT Operations, IT or related field or an alternate combination of education and experience which results in equivalent job knowledge
· Strong analytical, technical and auditing skills with exposure to operational, IT, and compliance audits
· Recognised training in the auditing process by an accredited certification body
· Proven experience conducting ISO9001 and ISO27001 audits
· Experience in a recognized process improvement discipline (e.g., Six Sigma, Lean, ISO, etc.)
· Understanding of the purpose and structure of ISO9001 and ISO27001
· Expertise in technology controls, COBIT and other relevant IT guidance frameworks
· Secondary education plus five years of work experience or two years’ work experience plus a degree
· Excellent spoken and written English
Desirable
· International Register of Certificated Auditors (IRCA) approved
· Understand the purpose and structure of ISO 27000
· Two years' information security work experience
· Experience of process tools such as Visio
· Experience in Information Security Management Systems

Recruiter: first4careers