Senior Information Security Auditor

• Conducting IT and security audits: Lead and perform comprehensive IT security audits to evaluate the effectiveness of an organization's information security controls and measures. This involves assessing security policies, procedures, systems, and practices.
• Risk assessment: Identify and analyze potential security risks and vulnerabilities within an organization's information systems. Develop risk mitigation strategies, recommend remediation plans, and implement necessary controls to minimize risks.
• Compliance monitoring: Ensure that the organization complies with relevant security regulations, standards, and best practices such as ISO 27001, NIST, GDPR, etc. Keep track of regulatory changes and update security policies and procedures accordingly.
• Security incident response: Develop and implement incident response plans to address and resolve security breaches, incidents, or violations. Conduct forensic investigations, collect evidence, and provide reports on the findings.
• Security awareness and training: Develop and deliver security awareness programs and training sessions to educate employees about information security policies, procedures, and best practices. Promote a culture of security awareness and help create a cybersecurity-conscious workforce.
• Security controls evaluation: Evaluate the implementation and effectiveness of security controls such as access controls, encryption mechanisms, firewall configurations, intrusion detection systems, and other security technologies. Identify gaps or weaknesses and recommend improvements.
• Security documentation and reporting: Prepare detailed audit reports, documenting findings, recommendations, and remediation plans. Maintain accurate audit records and ensure compliance with documentation standards.
• Continuous improvement: Stay updated with the latest trends, technologies, and practices in information security. Continuously improve auditing methodologies, tools, and frameworks to enhance the effectiveness and efficiency of the audit process.
• Team leadership and collaboration: Provide guidance, support, and mentorship to junior auditors.
• Communication and stakeholder management: Effectively communicate audit findings, risks, and recommendations to stakeholders.

• Relevant University Degree in Information Security or Information Technology.
• Professional Qualifications in Information Security.
• Minimum 5 Years of Experience in IT audit or Information Security Audit.
• Have a Valid Transferrable Visa in Kuwait.

We are offering the following services to clients: Internal Audit, Risk Management, Corporate Governance, Internal Controls review and assessment, Regulatory Compliance Advisory Services, Management Consulting, and Training.