ISO 27001 Analyst - Panama Hybrid

The ISO 27001 Analyst supports the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits. This role requires strong attention to detail, effective communication skills, and a foundational understanding of management systems and information security principles.

Requirements

• Ensure that all internal processes are followed correctly and consistently.
• Assist in the creation of audit programs and plans for clients and upcoming audits.
• Support evidence classification, review, and sampling activities.
• Take detailed notes during audits and assist in preparing high-quality reports.
• Send recap and follow-up communications as required.
• Collect statistics and support KPI reporting.
• Communicate effectively with stakeholders at all organizational levels using professional language and terminology.
• Maintain ethics, fairness, and accuracy in all audit documentation and reporting.
• Protect the confidentiality of personally identifiable information (PII) and intellectual property (IP) belonging to both the firm and clients.
• Demonstrate professionalism and responsibility in all interactions.
• Handle client ingestion and onboarding activities.
• Perform HubSpot data scrubbing and updates.
• Register new engagements in Asana and coordinate Insight ONE transfers (in or out).
• Create SharePoint folders and upload Evidence Lists (EL).
• Follow up on CUP (Client Upload Portal) submissions.
• Audit Planning Support (in collaboration with the ISO Manager) Follow up on CUP status and pending uploads.
• Send planning call recaps and assist with scheduling.
• Communicate auditor assignments and update Asana tasks.
• Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.
• Audit Execution Support (in collaboration with ISO Auditors) Ensure auditors have access to necessary GRC platforms and client systems.
• Audit Reporting & Quality Assurance (in collaboration with ISO Manager) Collect metrics on TAT for archive submissions.
• Register findings in the Universal Registry of Findings.
• Complete archive QA forms and support non-technical QA reviews, including: Audit Report Audit Plan Audit Program Registry of Findings Certificate & Registry Management Handle certificate registration in the appropriate database.
• Maintain IAF CertSearch registrations and updates.

Benefits

• Meal Voucher (Vale de alimentación)
• Private Retirement Contributions (Aportes de jubilación privada)
• Wellbeing Program
• Workplace Resources
• Career Development
• Paid vacation according to Panamanian labor law
• Gym membership
• Health insurance
• Life insurance
• Discount at Sortis Hotel Spa
• Mobile phone service
• Hybrid remote work model
• Access to our local office with amenities
• Parking (subject to company policy)
• Business travel and expense reimbursement in accordance with IAG SRL policy
• Company-provided laptop
• Training program
• Professional development program
• Certification reimbursement aligned with IAG SRL policy