Braze is hiring an ISO 27001 Analyst - EMEA to join our audit and assurance efforts. This role supports teams performing ISO 27001 certification assessments and related information security audits, focusing on planning, evidence review, and reporting under supervision.
What You'll Do
- Ensure all internal processes are followed correctly and consistently.
- Assist in the creation of audit programs and plans for clients and upcoming audits.
- Support evidence classification, review, and sampling activities.
- Take detailed notes during audits and assist in preparing high-quality reports.
- Send recap and follow-up communications as required.
- Collect statistics and support KPI reporting.
- Communicate effectively with stakeholders at all organizational levels using professional language.
- Maintain ethics, fairness, and accuracy in all audit documentation and reporting.
- Protect confidentiality of personally identifiable information (PII) and intellectual property (IP).
- Handle client ingestion and onboarding activities.
- Perform HubSpot data scrubbing and updates.
- Register new engagements in Asana and coordinate Insight ONE transfers.
- Create SharePoint folders and upload Evidence Lists (EL).
- Follow up on CUP (Client Upload Portal) submissions.
- Follow up on CUP status and pending uploads.
- Send planning call recaps and assist with scheduling.
- Communicate auditor assignments and update Asana tasks.
- Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.
- Ensure auditors have access to necessary GRC platforms and client systems.
- Collect metrics on TAT for archive submissions.
- Register findings in the Universal Registry of Findings.
- Complete archive QA forms and support non-technical QA reviews.
- Handle certificate registration in the appropriate database.
- Maintain IAF CertSearch registrations and updates.
What We're Looking For
- Strong attention to detail and analytical thinking.
- Effective written and verbal communication skills.
- Foundational understanding of management systems and information security principles.
- Understanding of ISO/IEC 27001 and 27002 standards.
- Knowledge of organizational structures, governance, and workplace practices.
- Knowledge of information and data systems, documentation systems, and IT fundamentals.
- Knowledge of audit principles, practices, and techniques in accordance with ISO standards.
- Knowledge of management system standards and normative documents required for certification.
- Knowledge of Certification Body (CB) processes and procedures.
- Knowledge of industry terminology, practices, and expectations relevant to the client’s business sector.
- Knowledge of common products, processes, and operations across industries.
- Knowledge of application of management system requirements to various organizational types.
- Knowledge of ISMS-specific documentation structures and interrelationships.
- Knowledge of information security management tools, methods, and techniques.
- Knowledge of information security risk assessment and risk management principles.
- Knowledge of ISMS processes and current information security technologies.
- Knowledge of ISO/IEC 27001 requirements and implementation principles.
- Knowledge of ISO/IEC 27002 controls (and sector-specific standards if applicable).
- Knowledge of legal and regulatory requirements in information security by geography and jurisdiction.
- Knowledge of information security risks and technologies relevant to the client’s industry.
- Knowledge of the impact of organization size, structure, and governance on ISMS implementation.
- Knowledge of legal and regulatory requirements applicable to products or services.
- Integrity, confidentiality, and professionalism.
- Organizational and time management skills.
- Team collaboration and adaptability.
- Continuous learning and improvement mindset.
Technical Stack
- HubSpot
- Asana
- SharePoint
- GRC platforms
Team & Environment
You will join a team of 170+ professionals and work under the supervision of an Auditor, Lead Auditor, or Manager.
Benefits & Compensation
- Opportunity to work with global experts in cybersecurity and ISO assurance.
- Exposure to top-tier clients and diverse industries.
- Professional development and certification support.
- Collaborative and remote-friendly work environment.
- Competitive compensation and growth opportunities.
Work Mode
This is a fully remote position based in the Czech Republic.
Braze is an equal opportunity employer.
