Bachelor s degree in information cybersecurity, risk management, governance, or a related field.
5 years of direct experience in information security, with a focus on risk and compliance.
Expertise in conducting ISO 27001 and SOC 2 audits and handling audit responses.
Knowledge of relevant regulatory compliance requirements (ISO 27001, SOC 2, NIST, FedRamp, CMMC, PCI, GDPR, etc.).
Familiarity with identity management standards, cloud storage, and disaster recovery.
Proficiency in GRC tools and best practices (e.g., ZenGRC, OneTrust, Archer).
Strong attention to detail and effective communication skills.
Preferred Qualifications:

ISO 27001 Lead Auditor, CISA, CISM, or CISSP certification