Security Audit Specialist

Job Description

We are seeking a highly skilled and experienced Contract Security Auditor to join our team for a 1-year engagement. This critical role will be instrumental in enhancing our organization's security posture. The ideal candidate will be an unbiased expert, capable of meticulously assessing our current security controls against various global standards. If you thrive in an environment where you can make a significant impact and demonstrate exceptional performance, this contract offers a unique pathway to a permanent position within our core security team. Responsibilities: As our Contract Security Auditor, you will be responsible for: Comprehensive Security Assessments: Conducting in-depth security audits of our current systems, processes, and controls against established frameworks and regulations including, but not limited to, ISO 27001, SOC 2, HIPAA, and GDPR. Gap Analysis & Risk Identification: Identifying gaps, vulnerabilities, and non-compliance issues within our information security management system (ISMS) and operational procedures. Corrective Action Planning: Developing detailed, actionable recommendations for corrective actions and control improvements, collaborating with relevant teams to ensure practical and effective solutions. Implementation Oversight & Verification: Monitoring and confirming the successful implementation of corrective actions, ensuring that identified deficiencies are fully remediated and bring the organization into compliance. Documentation & Reporting: Creating clear, concise, and comprehensive audit reports, detailing findings, recommendations, and evidence of compliance or non-compliance. Preparation: Assisting in the preparation of documentation, evidence, and personnel for future internal and third party audits Stakeholder Communication: Effectively communicating audit findings, risks, and progress directly to senior management Policy & Procedure Review: Reviewing and providing input on the adequacy and effectiveness of existing security policies, standards, and procedures. Continuous Improvement: Contributing to the continuous improvement of the organization's overall security program and compliance efforts. Qualifications: Experience: Minimum of 7 years of dedicated experience in information security auditing, compliance, or risk management. Demonstrable experience leading and executing audits against multiple frameworks, specifically ISO 27001, SOC 2, HIPAA, and GDPR. Proven track record of successfully identifying control deficiencies and recommending effective remediation strategies. Technical Skills: Strong understanding of information security principles, technologies, and best practices (e.g., access control, network security, data encryption, incident response). Familiarity with common enterprise IT environments, cloud services, and BPO operational models. In depth understanding of US security best practices and requirements Certifications (Highly Preferred): Relevant industry certifications such as CISA, CISSP, CRISC, Lead Auditor certifications (ISO 27001, SOC 2), or similar. Soft Skills: Unbiased & Objective: Proven ability to conduct audits impartially and provide objective assessments. Analytical & Problem-Solving: Exceptional analytical skills with the ability to interpret complex data, identify root causes, and propose practical solutions. Communication: Excellent written and verbal communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences. Interpersonal: Strong interpersonal skills to build rapport and collaborate effectively with diverse teams. Project Management: Ability to manage multiple audit engagements concurrently, prioritize tasks, and meet deadlines. Contract Details: Term: 1-year contract with potential for conversion to a permanent full-time position. Location: Remote Start Date: Immediate availability preferred. Why Join Us? This is an exciting opportunity to play a pivotal role in strengthening the security foundation of a dynamic US based BPO. You will have the autonomy to drive significant change and see the direct impact of your work. For a high-performing individual, this contract serves as a direct pipeline to a long-term career with our growing security team, offering stability and continued professional development. Application Process: To apply, please submit your resume and a cover letter detailing your relevant experience along with your self-introduction video at Navnita.chakravarty@ardem.com About ARDEM Data Services ARDEM is a leading Business Process Outsourcing and Business Process Automation Service provider. For over twenty years ARDEM has successfully delivered business process outsourcing and business process automation services to our clients in USA and Canada. We are growing rapidly. We are constantly innovating to become a better service provider for our customers. We continuously strive for excellence to become the Best Business Process Outsourcing and Business Process Automation company.