Job Description – Lead Auditor ISO 27001 (Freelance)

📋 POSITION

Lead Auditor ISO 27001 – Freelance (Slovenia-Based)

🎯 OVERVIEW

We are seeking an experienced and autonomous Lead Auditor ISO 27001 to support information security audit activities with clients in Slovenia and potentially across the wider geographic region. This is a freelance, call-based position with interventions scheduled according to agreed planning. Ideal for a seasoned professional with consolidated experience, operational flexibility, and the ability to manage complex audits independently.

📌 KEY RESPONSIBILITIES

• Conduct ISO 27001 audits: Plan, execute, and report on information security compliance audits at client organizations
• ISMS assessment: Verify implementation and effectiveness of Information Security Management Systems
• Non-conformities and recommendations: Identify gaps, prepare detailed reports, and suggest improvement measures
• Stakeholder communication: Pre-audit briefings, exit meetings, and results discussion with management and IT/Security teams
• Documentation: Completion of checklists, evidence gathering, photography, and audit documentation per international standards
• Operational flexibility: Availability for scheduled interventions and, if necessary, short-notice assignments according to planning requirements

👤 REQUIRED PROFILE

Experience and Certifications (Mandatory)

• Lead Auditor ISO 27001 certification (IRCA, PECB, Exemplar Global, or equivalent recognized body)
• Minimum 3 years of experience in ISO 27001 audits or ISMS
• Experience conducting audits in Slovenian organizations (or familiarity with Slovenian/EU regulatory context)
• Strong knowledge of ISMS, risk management, compliance, and information security governance

Technical Competencies

• Deep knowledge of ISO/IEC 27001:2022 (and previous versions)
• Familiarity with NIST Cybersecurity Framework, ISO 27002, ISO 27035 (incident management)
• Experience with audit methodologies (sampling, evidence gathering, risk-based approach)
• Ability to assess technical and organizational ISMS controls
• Basic knowledge of IT environments, cloud infrastructures, data protection (GDPR)

Soft Skills

• Autonomy and reliability: Ability to manage audits independently without constant supervision
• Communication: Skill in presenting complex findings clearly to different management levels
• Flexibility: Availability for scheduled interventions with short notice
• Problem-solving: Capacity to adapt to heterogeneous organizational contexts
• Professional integrity: Impartiality and confidentiality compliance

Language Requirements

• Slovenian: Fluent (spoken and written) – Essential
• English: Good level (for technical documentation and international communication)