ISO 27001 Senior Auditor

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next‑generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks. We’re not your traditional audit firm — we’re tech‑enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients. Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest‑growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC. Key Responsibilities Lead the planning, execution, and reporting of ISO 27001 audit and readiness engagements. Evaluate the design and effectiveness of technology and security controls. Supervise, coach, and mentor junior auditors, fostering a culture of learning and continuous improvement. Review and approve audit workpapers and deliverables to ensure accuracy and quality. Identify and communicate audit findings, risks, and improvement opportunities. Manage client relationships and lead client meetings to discuss findings and recommendations. Collaborate with management to enhance audit methodologies and leverage compliance automation tools. Provide regular project status updates and proactively communicate potential issues. Requirements 4–6 years of experience performing ISO 27001 or IT audit engagements at a Big 4 or other reputable audit/consulting firm. Proven experience leading small teams or mentoring junior staff. Strong communication and relationship‑building skills. Excellent organizational and project management abilities. Proactive, self‑motivated, and detail‑oriented mindset. Fluency in English (required); French proficiency is a plus. Experience with GRC and compliance automation tools (e.g., Vanta, Drata, Secureframe) is a plus. Education and Certifications Bachelor’s degree in Accounting, Business, Cybersecurity, or Information Systems. Active or in‑progress certifications such as ISO 27001 Lead Auditor, CISA, CISSP, CPA, or ISO/IEC 17021‑1. What We Offer Flexible Paid Time Off and paid holidays. Performance Bonuses based on impact. Hybrid work model — collaborate both remotely and in‑office (Panama City). Global exposure and mentorship opportunities within a rapidly growing cybersecurity firm. Continuous professional development and certification support. Privacy Notice CCPA Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process. Insight Assurance does not sell personal data/information under any circumstances. You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602 Privacy Notice GDPR This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process. We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross‑referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data. When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope. We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S. #J-18808-Ljbffr