Information Security Auditor

Description

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview

The Information Security Auditor will be responsible for independent planning, executing, and reporting on audits of Zones’ information security management system (ISMS), privacy information management system (PIMS), and related compliance frameworks (ISO 27001, ISO 27701, SOC 2, etc.). This role ensures continuous improvement of Zones’ security posture, identifies risks and non-conformities, and provides actionable recommendations to the CISO and senior management.

Key Responsibilities

• Develop, maintain, and execute the internal IS audit plan under the direction of the CISO.
• Conduct process, technical, and compliance audits in line with ISO 27001/27701 standards.
• Validate the effectiveness of security controls across infrastructure, applications, and processes.
• Assess compliance with regulatory, contractual, and corporate requirements.
• Identify gaps and risks; recommend corrective and preventive actions.
• Provide input to the CISO for risk prioritization and security strategy.
• Prepare concise audit reports with clear findings, root causes, and recommendations.
• Present audit results to the CISO and Information Security Steering Committee (ISSC).
• Track remediation progress and report status updates to leadership.
• Engage with IT, Network, Data Center, and Business teams to review evidence and remediation.
• Support the CISO in preparing for external audits (ISO, SOC 2, client/vendor assessments).
• Advise on best practices and continuous improvement of ISMS/PIMS.
  
  

Required Skills & Competencies

• Deep knowledge of ISO 27001:2022 and ISO 27701 standards.
• Familiarity with other frameworks: NIST CSF, SOC 2, PCI DSS, CIS Controls.
• Understanding of cloud (Azure, O365), IT infrastructure, and cybersecurity controls.
• Strong audit methodology, documentation, and reporting skills.
• Excellent communication and ability to influence cross-functional teams.
• High integrity, independence, and objectivity.
  
  

Qualifications & Experience

• Bachelor’s degree in Information Security, Computer Science, or related field.
• Preferred certifications or Trainings: ISO 27001 Lead Auditor, ISO 27701 Lead Implementer, CISA, CISSP, CISM.
• At least 2-3 years’ experience in internal audits, compliance, or security governance.
• Experience in IT services or reseller industry is an advantage.
• Key Performance Indicators (KPIs):
• Timely delivery of internal IS audit plan.
• Rate of closure for non-conformities/findings.
• Effectiveness of recommendations (as measured by improved audit scores or reduced incidents).
• Contribution to successful external audits and certifications.
  
  

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer life insurance, optional health insurance, EOBI, and a voluntary pension scheme in line with Company policy. Employees also enjoy additional perks such as Complimentary meals, and access to our in-house gym.

We take pride in being an equal opportunity employer and remain dedicated to maintaining a workplace free from discrimination of any kind. If you are passionate about driving innovation in IT, sales, engineering, or operations, Zones provides a dynamic and collaborative environment to help you grow your career.

All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, age, genetic information, or pregnancy.

Job timings: 8:00PM – 5:00AM (Pk time)