DQS
Website: dqsglobal.com
Job details:
Job Description: Lead Auditor – Information & Data Security (IDS)
The ideal candidate will be an experienced and certified Information Security Lead Auditor
with a strong background in conducting, leading, and managing audits across international
security standards. As a Lead Auditor – IDS, you will play a pivotal role in delivering
high‑quality audits, guiding audit teams, supporting clients in compliance improvement,
and ensuring adherence to global IDS, ISMS, data privacy, and governance frameworks. You
will act as a subject matter expert for assigned standards and contribute to maintaining
audit excellence within the organization.
Roles and Responsibilities
• Lead and conduct end‑to‑end audits across ISO 27001:2022, ISO 27701, ISO 20000, ISO
22301, ISO 42001, GDPR, SOC 1 & 2, PCI DSS, TISAX, and related frameworks.
• Plan, execute, and manage audit engagements—including opening meetings, evidence
assessment, interviews, control testing, and closing meetings.
• Evaluate the effectiveness of security controls across IT infrastructure, cloud
environments, networks, security tools, and risk management processes.
• Review policies, procedures, technical documentation, and operational processes to
identify non‑conformities, risks, and opportunities for improvement.
• Prepare comprehensive audit reports, NC documentation, corrective action
recommendations, and follow‑up assessments to validate remediation.
• Support clients in understanding audit observations, compliance expectations, and
implementation of security best practices for continuous improvement.
• Lead and mentor junior auditors, guiding them on audit methodology, evidence validation,
report writing, and client handling.
• Contribute to internal capability development by improving audit checklists, templates,
methodologies, and evaluation frameworks aligned with global standards.
• Collaborate with internal cross‑functional teams for effective delivery of IDS audit
projects, ensuring customer satisfaction and timely project closure.
• Stay updated with evolving regulatory and compliance requirements including GDPR,
DPDPA 2023, HIPAA, SOX, and emerging security frameworks.
Education / Qualifications
• Bachelor's degree in computer applications, IT, or related disciplines.
• Master's degree in marketing, Information Security, or relevant areas is preferred.
• 10+ years of experience in Information Security Auditing, Cybersecurity Governance, ISMS
operations, or IT security management, with significant hands‑on audit experience.
• Proven experience in conducting audits for ISMS, IDS, privacy, governance, and regulatory
compliance frameworks.
Skills Required
• Strong knowledge of ISMS, ITSM, BCMS, IDS, GDPR, SOC 1 & 2, and international data
protection frameworks.
• Expertise in performing and leading audits across ISO 27001:2022, ISO 27701:2025, ISO
42001, ISO 20000, ISO 22301, PCI DSS, SOC 2 Type II, TISAX, HIPAA.
• Strong competence in assessing cloud security, network security, vulnerability
management, threat monitoring, incident response, DR/BCP, and data protection controls.
• Excellent stakeholder communication, conflict management, and client engagement skills.
• Ability to manage multiple audits independently, prioritize tasks, and deliver within
timelines in a fast‑paced environment.
Certifications Required / Preferred
• ISO 27001:2022 Lead Auditor
• ISO 27701 Lead Auditor
• ISO 42001 AIMS Lead Auditor
• ISO 20000 Lead Auditor
• ISO 22301 Lead Auditor
• TISAX Lead Auditor – AL2/AL3