Cyber Auditor

**Who We Are**:
Headquartered in Atlantic Canada with offices across the United States and around the world, Bulletproof has decades of experience in IT, security, and compliance. The company’s footprint now includes users on six continents trusting Bulletproof to address their technology challenges and strengthen their security posture.
Driven by innovative, empowered, and creative teamwork, we build solutions that solve business challenges and deliver overall business improvement for our global clients. At Bulletproof, we are committed to our customers, our team, and our communities. Bulletproof's practices include Security and Network Operations Centers, Security Assessment & Audit, Quality Assurance and Testing, Project Management, Microsoft Consulting, Managed Services, Managed Security Services, and Product Fulfillment; working together to provide true end-to-end business solutions.

**Why Bulletproof**:
At Bulletproof, our people are the core of who we are and what we do. Founded in Atlantic Canada and now operating globally, it is our people who drive us and who bring us together. We believe that it is through trusting and empowering our entire team, that we achieve more. Bulletproof is a Microsoft Solutions Provider, a FOUR-PEAT Microsoft Canada Workplace Impact Award winner, and crowned the 2021 Microsoft Global Security Partner of the Year. Bulletproof is proud to be a member of the Microsoft Intelligent Security Association. We are committed to helping our customers achieve more.
Why Work with Us?
We are growing... We have 20+ years in the market, and since the acquisition of Bulletproof by Gaming Laboratories International (GLI), our mandate to expand our capacity and market reach is aggressive. We are building the team to help us achieve those goals, in Canada, in the USA and internationally. We have ambitious plans to leverage our depth of experience across our practices and we are building an ambitious team to achieve those goals together.
Interested? Read on to see if your experience is a fit.
Please ONLY APPLY if you are a South African citizen, or hold a work permit to work in South Africa.

**This position will focus on the following**:

- Managing and delivering ISMS audit assignments
- Defining the scope for ISMS audit assignments
- Developing and quality assuring security audit reports
- Travelling to client’s and to other group’s office locations
- Collaborating with clients to develop appropriate remediation plans.
- Teaming up with colleagues in other lines of services in support of client needs for Information Security Services
- Performing and/or administering a variety of security testing assignments with direct supervision such as vulnerability assessments, penetration tests, firewall reviews, social engineering, source code review
- Managing simple security testing projects
- Developing security test reports
- Following, maintaining and improving standard operation procedures (SOP)
- Achieve and maintain any required professional certification.

**Education, Experience and Skills**:

- Degree in Computer Science, Information Systems, Computer Engineering, Electrical Engineering, or equivalent technical discipline. Other degrees which are compensated by relevant technical experience will be evaluated.
- At least two years working experience in ISO 27001/InfoSec external audit at an Accounting/Consulting organization would be highly appreciated.

**Two or more of the following certifications are required**:

- ISACA Certified Information Security Auditor
- ISO 27001 Lead Auditor
- ISACA Certified in Risk and Information Systems Control
- ISACA Certified Information Security Manager
- ISO 27001 Lead Implementer
- PCI Security Standards Council Qualified Security Assessors
- (ISC)2 Certified Information Systems Security Professional
- Must be familiar with InfoSec processes, operational workflows, and businesses

**One or more of the following certifications are required**:

- EC-Council Certified Ethical Hacker (CEH)
- EC-Council Licensed Security Consultant (LPT)
- GIAC Certified Security Consultant (CPEN)
- IACRB Certified Security Consultant (CPT)
- Offensive Security Certified Professional (OSCP)
- CREST Registered Tester (CRT)
- CREST Infrastructure Certification
- CESG CHECK Team Leader
- CESG CHECK Team Member
- Tiger Scheme Senior Security Tester
- Tiger Scheme Quality Security Tester
- Any other recognized penetration testing certification/accreditation

**Your work experience has been**:

- Hands-on experience in projects including ISO 27001 compliance (audit/implementation), internal control, business processes review, IT audit, IT general control, cloud computing, IT system implementation is A MUST.
- Fluent English is required.
- Must have sound knowledge of OSI model and related protocols.
- Knowledge of AAA protocols and standards (Radius, TACACS, LDAP), SSO protocols (Kerberos, SAML, OpenID), access controls models (DAC, MAC, RBAC, ABAC) and related te