Job Description

Job Summary: Were seeking an experienced Information Security Auditor to join our team. As an Information Security Auditor, you will be responsible for managing audits across Information Technology, Human Resources, and Physical Security. You will assess the effectiveness of our controls, identify risks, and provide recommendations for improvement. Responsibilities: 1. Audit Planning: Plan, coordinate, and execute audits across IT, HR, and Physical Security across the enterprise. 2. Client Audits : Front end client information security audits across WNS locations. 3. Control Evaluation: Evaluate the effectiveness of existing controls, policies, and procedures. 4. Audit Reporting: Prepare and present audit reports to management, highlighting findings, risks, and recommendations. 5. Recommendations and Remediation: Provide recommendations for control improvements and work with stakeholders to implement remediation plans. 6. Compliance: Ensure audits are conducted in accordance with relevant laws, regulations, and industry standards (e.g., HIPAA, PCI-DSS, ISO 27001). Also lead the compliance activities across the enterprise including the annual SOC assessments. 7. Stakeholder Management: Collaborate with stakeholders across IT, HR, and Physical Security to ensure audit objectives are met. Requirements: 1. Education: Bachelors degree in Computer Science, Information Systems, or a related field. 2. Experience: 7-9 years of experience in information security auditing, IT audit, or a related field. 3. Certifications: CISA, CISM, CISSP, or equivalent certifications are preferable. 4. Technical Skills: - Strong knowledge of IT systems, networks, and infrastructure. - Familiarity with security frameworks and standards (e.g., NIST, ISO 27001). - Experience with audit tools and technologies (e.g., ACL, SQL). 5. Soft Skills: - Excellent communication and reporting skills. - Strong analytical and problem-solving skills. - Ability to work independently and as part of a team. Qualifications Degree + ISMS auditor