Senior Information Security Auditor

Join to apply for the Senior Information Security Auditor role at Boubyan Consulting Company

3 days ago Be among the first 25 applicants

Join to apply for the Senior Information Security Auditor role at Boubyan Consulting Company

Get AI-powered advice on this job and more exclusive features.

• Conducting IT and security audits: Lead and perform comprehensive IT security audits to evaluate the effectiveness of an organization's information security controls and measures. This involves assessing security policies, procedures, systems, and practices.
• Risk assessment: Identify and analyze potential security risks and vulnerabilities within an organization's information systems. Develop risk mitigation strategies, recommend remediation plans, and implement necessary controls to minimize risks.
• Compliance monitoring: Ensure that the organization complies with relevant security regulations, standards, and best practices such as ISO 27001, NIST, GDPR, etc. Keep track of regulatory changes and update security policies and procedures accordingly.
• Security incident response: Develop and implement incident response plans to address and resolve security breaches, incidents, or violations. Conduct forensic investigations, collect evidence, and provide reports on the findings.
• Security awareness and training: Develop and deliver security awareness programs and training sessions to educate employees about information security policies, procedures, and best practices. Promote a culture of security awareness and help create a cybersecurity-conscious workforce.
• Security controls evaluation: Evaluate the implementation and effectiveness of security controls such as access controls, encryption mechanisms, firewall configurations, intrusion detection systems, and other security technologies. Identify gaps or weaknesses and recommend improvements.
• Security documentation and reporting: Prepare detailed audit reports, documenting findings, recommendations, and remediation plans. Maintain accurate audit records and ensure compliance with documentation standards.
• Continuous improvement: Stay updated with the latest trends, technologies, and practices in information security. Continuously improve auditing methodologies, tools, and frameworks to enhance the effectiveness and efficiency of the audit process.
• Team leadership and collaboration: Provide guidance, support, and mentorship to junior auditors.
• Communication and stakeholder management: Effectively communicate audit findings, risks, and recommendations to results.
  
  
  • Conducting IT and security audits: Lead and perform comprehensive IT security audits to evaluate the effectiveness of an organization's information security controls and measures. This involves assessing security policies, procedures, systems, and practices.
  • Risk assessment: Identify and analyze potential security risks and vulnerabilities within an organization's information systems. Develop risk mitigation strategies, recommend remediation plans, and implement necessary controls to minimize risks.
  • Compliance monitoring: Ensure that the organization complies with relevant security regulations, standards, and best practices such as ISO 27001, NIST, GDPR, etc. Keep track of regulatory changes and update security policies and procedures accordingly.
  • Security incident response: Develop and implement incident response plans to address and resolve security breaches, incidents, or violations. Conduct forensic investigations, collect evidence, and provide reports on the findings.
  • Security awareness and training: Develop and deliver security awareness programs and training sessions to educate employees about information security policies, procedures, and best practices. Promote a culture of security awareness and help create a cybersecurity-conscious workforce.
  • Security controls evaluation: Evaluate the implementation and effectiveness of security controls such as access controls, encryption mechanisms, firewall configurations, intrusion detection systems, and other security technologies. Identify gaps or weaknesses and recommend improvements.
  • Security documentation and reporting: Prepare detailed audit reports, documenting findings, recommendations, and remediation plans. Maintain accurate audit records and ensure compliance with documentation standards.
  • Continuous improvement: Stay updated with the latest trends, technologies, and practices in information security. Continuously improve auditing methodologies, tools, and frameworks to enhance the effectiveness and efficiency of the audit process.
  • Team leadership and collaboration: Provide guidance, support, and mentorship to junior auditors.
  • Communication and stakeholder management: Effectively communicate audit findings, risks, and recommendations to results.
    
    
  Job Requirements
  • Relevant University Degree in Information Security or Information Technology.
  • Professional Qualifications in Information Security.
  • Minimum 5 Years of Experience in IT audit or Information Security Audit.
  • Have a Valid Transferrable Visa in Kuwait.
    
    
  About Boubyan Consulting
  
  We are offering the following services to clients:- Internal Audit - Risk Management - Corporate Governance - Internal Controls review and assessment - Regulatory Compliance Advisory Services- Management Consulting- TrainingSeniority level
  • Seniority levelMid-Senior level
  Employment type
  • Employment typeFull-time
  Job function
  • Job functionAdministrative
  • IndustriesBusiness Consulting and Services

Referrals increase your chances of interviewing at Boubyan Consulting Company by 2x

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.