Auditor: Services Sector (ISO 27001) – Re-Advert Jobs

Purpose Statement

To provide expert certification and operational management services to internal and external customers. These services should add value, exceed SABS processes, and enhance the organization’s image and reputation.

Minimum Requirements

Qualifications and Special Certifications/Registration

• National Diploma or Diploma in Information Security, Information Assurance, or a relevant field (NQF Level 6)
• Valid driver’s license (willing to travel as needed)
• SAATCA Registration is an advantage

Experience

• 3 years’ experience in Information Security, Risk Management, or a relevant IT field (operational level)
• Experience in Systems Management (operational level)

Duties and Responsibilities

Functional Management

• Plan, schedule, and conduct audits within your scope.
• Lead on-site audit teams according to client and SABS requirements.
• Participate in and lead pre-audit meetings, and complete audit preparations.
• Mentor candidate auditors and new auditors within your scope.
• Serve as a subject matter expert in your areas of competence for CTC, technical committees, and work groups.
• Participate in certification and lab workgroups.
• Conduct peer evaluations, generate reports, and make recommendations within your scope.
• Perform on-site evaluations when required.
• Obtain test samples as needed by SPC and notify the sample controller.
• Write and submit detailed audit reports to clients based on the required scope, following SABS quality standards.
• Prepare presentations and share audit findings with stakeholders.
• Clear findings raised in audits and documented in reports.
• Upload reports and certificates to the Document Management System per SABS procedures.
• Manage and control information to ensure audits for clients are valid and reliable.
• Promote awareness of SABS services and products.
• Help create opportunities to upsell and generate additional business.
• Submit all relevant reports on time within your scope.

Risk and Compliance Management

• Follow risk mitigation controls (e.g., fraud prevention) and implement governance and compliance processes per SABS policies.
• Apply communicated regulatory operational controls.
• Support internal and external audits, accreditation, and regulatory requirements by providing evidence.
• Maintain Service Level Agreements to reduce business risk and ensure continuity.
• Comply with all relevant laws, SABS policies, and Standard Operating Procedures.

Stakeholder Management

• Build and maintain effective relationships with internal and external stakeholders for knowledge sharing, integration, and reputation management.
• Represent the organization in committees and task teams when needed.
• Convene, chair, and attend meetings, presenting performance and business information to stakeholders.
• Provide technical support for projects as required.
• Liaise with SABS clients and service providers to meet service standards.
• Supply information to resolve customer complaints.
• Report on stakeholder engagements to ensure continuity and follow-ups.