As an Information Security Auditor trainee you will work in a small and experienced team of cybersecurity professionals who assess IT systems & networks, facilities and management systems against various standards and frameworks across multiple industries.
After the initial training period you will work in an auditor role where you will act as a specialist in assessing networks, applications, facilities and/or management systems. You will typically focus on either the more technical side of auditing which involves mastering numerous tools such as burp, Nmap, Wireshark and Nessus or the management side which involves skills such as project management, leading audit workshops, understanding and assessing processes and management systems, audit planning etc. Both roles also include participation in workshops, documentation reviews and reporting.
You will have a chance to work with multiple information security standards and with highly skilled colleagues.
This position is ideal for a person with an analytical mindset, capability to work with multiple simultaneous projects, strong verbal and written Finnish and English language skills, as well as passion for cybersecurity.
What will the work include
- Participating in numerous audits and assessments such as Katakri, ISO 27001 and PCI DSS
- Supporting the audit teams in ongoing audits and assessments
What we offer
- Training program that will prepare you to become an auditor for a certification body or a technical expert
- Fundamentals in auditing and information security
- Tools to assess security of various systems and networks
- Audit planning
This trainee program allows you to rapidly build your expertise and understanding of different approaches to cybersecurity, covering everything from its management to a multitude of advanced security control implementations.
You will go through the training program during the first months of your traineeship. Simultaneously you will start working with the project teams to learn more from your experienced colleagues and help them in the project delivery by performing assigned tasks.
What we hope from you:
- Understanding of some areas in information security and/or technical security
- Strong verbal and written Finnish and English language skills
- Ability to understand and clearly describe complex technical solutions and issues found in them in writing
- Eagerness to learn about new technologies
- Programming/scripting skills seen as advantage for the technical approach
- Capability to plan your work and deliver results within agreed timeframes
What we require from you:
- A good sense of humor and a passion for cybersecurity
This position will be based in Espoo, Finland. The traineeship will last for 6 months and start in the beginning of fall.
Finnish citizenship is required in this position.
Since we are working with security for security-conscious companies and
organizations, we will do security background checks as part of the
Nixu Certification is an accredited certification body as well as an information security inspection body accredited by FINAS and Traficom. We focus exclusively on information security certification audit services providing the most comprehensive audit service portfolio in Finland. Our audit portfolio consists of ISO 27001, ISO 27701, ISO 27017, ISO 27018, Katakri, PiTuKri, VAHTI, PCI DSS and CSA STAR among others. By concentrating our focus solely on information security, we strongly believe we are able to offer the highest quality services in this specific area, which helps our clients to keep their data secure and available with appropriate controls.