ISMS Auditor

Government Advisor | CISO | Board Advisor | Founder and Head of Cyber Risk Services at Cyberhealth Company Description Cyberhealth is a cybersecurity consulting and advisory firm based in Ireland, specializing in strategic governance, regulatory compliance, and resilience-building for organizations across all sectors. We provide expert services in cyber risk management, supply chain security, data protection, and compliance with emerging EU regulations, including NIS2, DORA, the AI Act, and the Cyber Resilience Act. Our services include: Cybersecurity governance and risk advisory Regulatory impact assessments and readiness programs ISO/IEC certification support, including ISO 27001 and ISO 42001 Cybersecurity program design and implementation Incident readiness and response planning Supplier risk management and third-party security assessments Role Description This is a full-time, remote role for an ISO 27001 Implementer / Auditor responsible for supporting clients through the design, implementation, and continual improvement of Information Security Management Systems (ISMS). The successful candidate will conduct ISO 27001 internal audits, perform risk assessments, identify control gaps, and guide organizations toward certification readiness. Daily tasks include developing ISMS documentation (policies, procedures, risk registers, audit reports), conducting internal and supplier audits, advising on corrective actions, and ensuring compliance with relevant information security standards and regulations. The role requires close collaboration with cross-functional teams to ensure that security governance, risk, and compliance practices are embedded across client environments. Key Responsibilities Lead or support ISO/IEC 27001:2022 implementations and internal audits. Conduct information security risk assessments and recommend appropriate controls. Develop and maintain ISMS documentation, audit programs, and corrective action plans. Provide guidance and training to client teams on ISO 27001 requirements and best practices. Perform gap assessments and maturity evaluations against ISO 27001, NIST CSF, and client-specific standards. Support compliance initiatives related to EU cybersecurity regulations (NIS2, DORA, CRA, etc.). Prepare audit reports, management review inputs, and certification readiness documentation. Contribute to continuous improvement initiatives within Cyberhealth’s governance and assurance service lines. Qualifications ISO/IEC 27001 Lead Auditor (LA) or Lead Implementer (LI) certification is mandatory . Minimum 2+ years of hands‑on experience implementing or auditing ISMS frameworks. Strong knowledge of NIST Cybersecurity Framework and other risk management frameworks. Familiarity with EU and international cybersecurity regulations (e.g., NIS2, DORA, CRA, GDPR). Excellent communication, report‑writing, and stakeholder management skills. Strong analytical, problem‑solving, and attention‑to‑detail capabilities. Ability to work independently and remotely while managing multiple client engagements. Experience in consulting or professional services environments preferred. Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Business, or related discipline . Additional certifications (e.g., CISA, CISSP, CISM ) are advantageous. Seniority level Entry level Employment type Full-time Job function Accounting/Auditing and Finance Industries IT Services and IT Consulting #J-18808-Ljbffr