Responsibilities
We are looking for a Lead Auditor with 6 to 10 years of experience in ISO 27001, IT Security, ISO 9001, and Auditing (ISO 19011). Responsibilities include, but are not limited to:
· Act as a Lead Auditor alongside qualified Audit Teams.
· Develop, design, and execute IT Security Audits and Assessments ad-hoc and as per the global internal Audit Plan.
· Audit and assess IT systems, controls, and procedures to ensure compliance with ISO 27001 requirements and company policies, identifying weaknesses or gaps in the implementation of IT controls and procedures in safeguarding information.
· Evaluate Siemens Healthineers IT Quality Management System (QMS) for compliance with, as applicable: ISO 9001, as well as applicable standards and guidance documents specific to the audit target. Knowledge of ISO 13485 and MDSAP would be an advantage.
· Develop Audit Reports/Presentations on findings to Auditees and communicate the results to (Senior) Management.
· Collaborate with IT teams to implement corrective actions and monitor progress towards achieving compliance objectives. Provide guidance and support to IT teams and stakeholders on implementing and maintaining IT security measures.
1. Serve as an expert on applicable regulatory and internal requirements, their interpretation, and application.
· Stay abreast of emerging IT security threats, vulnerabilities, and technologies to continuously improve the organization's security posture.
Skills
The Applicant shall:
· Have successfully completed studies in the fields of computer science, IT, economics, or a related discipline. Alternatively, possess several years of relevant professional experience or additional qualification in the field of Information Security or IT Security.
2. Have proven experience in conducting Audits and Assessments of IT systems, controls, and procedures, specifically within the ISO 27001 framework, in the role of Auditor as well as Lead Auditor.
3. Have essential knowledge of ISO 9001 and MDSAP; knowledge of ISO 13485 is desired.
· Have in-depth knowledge of information security principles, best practices, and standards, with a focus on IT environments.
· Have strong analytical skills to identify risks, vulnerabilities, and weaknesses in IT processes and technologies.
· Have excellent communication and interpersonal skills to effectively interact with IT professionals and stakeholders.
4. Be a motivated self-starter and be able to work independently and collaboratively in a fast-paced environment, managing multiple priorities effectively.
5. Have a self-confident personality, experienced with communicating up to senior level management.
6. Have a consultative mindset.
Advantageous:
· Relevant certifications such as ISO 27001 Lead Auditor, CISA, CISSP, or CISM and ISO 9001 QMA.
· Familiarity with industry regulations and standards such as GDPR, NIST, SOC, or HIPAA.