Lead Auditor – ISO/IEC 27001, 20000-1, 22301

Job Description

Position Overview

We are seeking an experienced Lead Auditor to join our team on a freelance basis for planned audit activities in Croatia. This is a flexible, call-based engagement where you will lead internal and/or external audit campaigns across information security, IT service management, and business continuity domains.

Key Responsibilities

• Plan and Execute Audits: Design and conduct comprehensive audit programs aligned with ISO/IEC 27001, ISO/IEC 20000-1, and/or ISO 22301 standards
• Lead Audit Teams: Direct and coordinate audit activities, manage auditor teams, and ensure consistent audit quality and methodology
• Assessment & Reporting: Evaluate compliance status, identify non-conformities and improvement opportunities, and prepare detailed audit reports with findings and recommendations
• Stakeholder Management: Communicate audit scope, timelines, and results to internal and external stakeholders in a professional manner
• Documentation: Maintain audit records, evidence trails, and supporting documentation in accordance with audit standards and client requirements
• Continuous Improvement: Contribute to the refinement of audit processes and methodologies based on lessons learned

Required Qualifications

• Mandatory: Valid Lead Auditor certification in at least one of the following:
  • ISO/IEC 27001 (Information Security Management)
  • ISO/IEC 20000-1 (IT Service Management)
  • ISO 22301 (Business Continuity Management)
• Minimum 5+ years of professional auditing experience in certified standards
• Fluent English (written and spoken); additional languages a plus
• Availability: Flexible schedule to accommodate planned audit campaigns on a call-basis

Desired Qualifications

• Certifications in multiple standards (27001 + 20000-1 and/or 22301)
• Experience auditing organizations in infrastructure, energy, oil & gas, or renewable energy sectors
• Knowledge of risk management frameworks and compliance methodologies
• Experience with remote/virtual audit delivery
• Familiarity with Balkan region or European audit environments

Technical Competencies

• Deep understanding of ISO/IEC 27001, 20000-1, and/or 22301 requirements and implementation
• Audit planning, sampling, and evidence-gathering techniques
• Root cause analysis and corrective action follow-up
• Audit reporting and metrics analysis
• Proficiency with audit management tools and documentation systems

Engagement Terms

• Type: Freelance / Call-based
• Duration: Project-based, flexible scheduling
• Location: Croatia (on-site audit activities)
• Travel: Willingness to travel within Croatia as required