×
Solicitar trabajos Solicitar trabajos Publicar ofertas Publicar ofertas Inicio
Regístrese Aquí para solicitar empleo o publicarlo X
Más empleos:
Seguridad cibernética Seguridad de información Seguridad de datos Consultoría TI

Senior Information Security Auditor

Trabajo disponible en: 08001, Barcelona, Cataluna, España
Empresa: Applicable Limited
Tiempo completo posición
Publicado en 2025-12-14
Especializaciones laborales:
  • TI/Tecnología
    Seguridad cibernética, Seguridad de información, Seguridad de datos, Consultoría TI
Rango Salarial o Referencia de la Industria: 50000 - 70000 EUR Anual EUR 50000.00 70000.00 YEAR
Descripción del trabajo

Continue to make an impact with a company that is pushing the boundaries of what is possible. At NTT DATA, we are renowned for our technical excellence, leading innovations, and making a difference for our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can continue to grow, belong, and thrive.

Your career here is about believing in yourself and seizing new opportunities and challenges. It’s about expanding your skills and expertise in your current role and preparing yourself for future advancements. That’s why we encourage you to take every opportunity to further your career within our great global team.

Your day at NTT DATA

The Information Security Auditing Specialist is a seasoned subject matter expert who plays a critical role in evaluating and ensuring the effectiveness of less complex security controls, policies, and practices.

This role collaborates with various cross functional teams to enhance the organization's security posture, mitigate risks, and maintain compliance with industry standards and regulations.

The Information Security Auditing Specialist typically reviews other auditor's audit reports ahead of sign off to provide feedback for the auditor to deliver comprehensive report findings.

Key Responsibilities
  • Lead planning, scoping, and execution of internal audits for information security, privacy, and business resilience using risk-based audit methodologies.
  • Perform detailed control testing across technical, process, and third‑party outsourcing controls aligned to ISO/IEC 27001
    , ISO/IEC 27701
    , SOC 2 TSC
    , ISO/IEC 22301
    , and other applicable standards.
  • Produce clear, concise, and detailed audit reports including findings, risk ratings, root‑cause analysis, practical remediation recommendations, and risk acceptance considerations.
  • Act as primary liaison with external audit bodies
    , regulators, and assurance partners: prepare evidence packages, coordinate on‑site/remote audit activities, and respond to follow‑up queries.
  • Provide advice and guidance to business units, IT, legal, privacy, and risk teams on information security and privacy frameworks, control design, and compliance requirements (e.g.,
    GDPR
    , DORA
    ).
  • Mentor, coach, and develop junior auditors — review their work, provide feedback, and support career development and skills building.
  • Maintain and enhance the internal audit methodology, templates, and assurance tooling; champion use of automation and AI to improve efficiency of testing, pattern detection, and reporting.
  • Track remediation actions: maintain issues/risk register, liaise with control owners, validate remediation, and elevate where necessary.
  • Contribute to continuous improvement initiatives for the Information Security & Privacy Management System (
    ISPMS
    ) and cross‑functional risk programs.
  • Support management reporting and audit committee deliverables, prepare executive summaries, and present findings to senior stakeholders.
Knowledge and Attributes
  • Strong working knowledge of ISO/IEC 27001
    , ISO/IEC 27701
    , ISO/IEC 22301
    , and SOC 2 TSC frameworks: controls mapping, gap analysis, and audit interpretation.
  • Deep understanding of GDPR principles and practical privacy controls; familiarity with EU/UK data protection obligations.
  • Knowledge of financial / operational regulatory frameworks such as DORA (or readiness to apply its requirements to ICT risk and operational resilience).
  • Experience liaising with external auditors and regulators, preparing evidence packs, and responding to assurance queries.
  • Strong technical literacy: understanding of network security, identity/access management, cloud security, application security, encryption, logging/monitoring, and third‑party risk controls.
  • Proficiency in audit tools, GRC platforms, and common productivity suites; willingness to evaluate and adopt AI tools for data analysis, testing, and reporting.
Academic Qualifications and Certifications
  • Certified Lead Auditor (or equivalent) in:
    • ISO/IEC 27001 Lead Auditor
    • ISO/IEC 27701 Lead Auditor (or demonstrable privacy audit experience)
    • ISO/IEC 22301 Lead Auditor (desirable)
  • Professional certifications preferred:
    CISA
    , CISSP
    , CRISC
    , CIPM or equivalent.
  • Experience…
Requisitos del puesto
10+ años Experiencia laboral
Tenga en cuenta que actualmente no se aceptan solicitudes desde su jurisdicción. Las preferencias de los candidatos son decisión del empleador o del agente reclutador.
Para buscar, ver y solicitar empleos que acepten solicitudes de su ubicación o país, toque aquí para realizar una búsqueda:
 
 
 
Busque más trabajos aquí:
(Ingrese pocas palabras para obtener mejores resultados)
Localización
Increase search radius (miles)

Idioma de la publicación
Categoría de empleo
Nivel educativo
Filtros
Nivel Educativo
Experiencia profesional mínima para el empleo (años)
Publicado en los últimos:
Salario
Búsqueda avanzada