ISO 27001 Analyst

Job not on LinkedIn

November 4

Apply Now

Receive Emails with Similar Jobs

ISG

WebsiteLinkedInAll Job Openings

Insurance • Legal • Healthcare Insurance

ISG is a national market leader specializing in claim and litigation support services primarily for the insurance and legal sectors. With over 25 years of experience, ISG provides a unique combination of solutions including investigation management, medical management, record management, and clinical services. Their innovative technology and dedicated team of industry experts focus on improving efficiency and reducing claims expenses, ultimately enhancing overall claim outcomes for their clients.

1001 - 5000 employees

Founded 1995

⚕️ Healthcare Insurance

📋 Description

• Ensure that all internal processes are followed correctly and consistently. • Assist in the creation of audit programs and plans for clients and upcoming audits. • Support evidence classification, review, and sampling activities. • Take notes during audits and assist in preparing detailed reports. • Send recap and follow-up communications as required. • Assist in collecting statistics and supporting KPI reporting. • Communicate effectively with stakeholders at all organizational levels using appropriate terminology and professional language. • Demonstrate strong written and verbal communication skills. • Maintain ethics, fairness, and accuracy in all audit documentation and reporting. • Protect confidentiality relating to personally identifiable information (PII) and intellectual property (IP) of both the firm and clients. • Maintain a professional attitude and business-like demeanor in all interactions. • Act responsibly and ethically in all situations.

🎯 Requirements

• Organizational structures, governance, and workplace practices. • Information and data systems, documentation systems, and IT fundamentals. • Audit principles, practices, and techniques in accordance with ISO standards. • Management system standards and normative documents required for certification. • Certification Body (CB) processes and procedures. • Industry terminology, practices, and expectations relevant to the client’s business sector. • Common products, processes, and operations across industries to understand client context. • Application of management system requirements to various organizational types. • ISMS-specific documentation structures and interrelationships. • Information security management tools, methods, and techniques. • Information security risk assessment and risk management principles. • ISMS processes and current information security technologies. • ISO/IEC 27001 requirements and implementation principles. • ISO/IEC 27002 controls (and sector-specific standards if applicable), including: • Information security policies • Organization of information security • Human resource security • Asset management • Access control and authorization • Cryptography • Physical and environmental security • Operations and IT service security • Communications and network security • System acquisition, development, and maintenance • Supplier relationships and outsourced services • Information security incident management • Business continuity and redundancy planning • Compliance and information security reviews • Legal and regulatory requirements in information security by geography and jurisdiction. • Information security risks and technologies relevant to the client’s industry. • The impact of organization size, structure, and governance on ISMS implementation. • Legal and regulatory requirements applicable to products or services.

🏖️ Benefits

• Opportunity to work with global experts in cybersecurity and ISO assurance. • Exposure to top-tier clients and diverse industries. • Professional development and certification support. • Collaborative and remote-friendly work environment. • Competitive compensation and growth opportunities.