Insight Assurance LLC
ISO 27001 Analyst - Panama Hybrid Panama (Remote)
Insight Assurance LLC, Tampa, Florida, us, 33646
This is a hybrid position for candidates located in Panama City only. Employees are expected to attend the office three times per week. Our office is located in the Obarrio neighborhood.
About Insight Assurance Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next‑generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.
We’re not your traditional audit firm — we’re tech‑enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.
Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest‑growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.
Position Summary The ISO Analyst supports the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits. Working under the supervision of an Auditor, Lead Auditor, or Manager, the ISO Analyst assists in audit planning, evidence review, report preparation, and overall quality assurance.
This role requires strong attention to detail, effective communication skills, and a foundational understanding of management systems and information security principles.
Key Responsibilities General Audit Support
Ensure that all internal processes are followed correctly and consistently.
Assist in the creation of audit programs and plans for clients and upcoming audits.
Support evidence classification, review, and sampling activities.
Take detailed notes during audits and assist in preparing high‑quality reports.
Send recap and follow‑up communications as required.
Collect statistics and support KPI reporting.
Communicate effectively with stakeholders at all organizational levels using professional language and terminology.
Maintain ethics, fairness, and accuracy in all audit documentation and reporting.
Protect confidentiality of personally identifiable information (PII) and intellectual property (IP) belonging to both the firm and clients.
Demonstrate professionalism and responsibility in all interactions.
Administrative & Coordination Tasks
Handle client ingestion and onboarding activities.
Perform HubSpot data scrubbing and updates.
Register new engagements in Asana and coordinate Insight ONE transfers (in or out).
Create SharePoint folders and upload Evidence Lists (EL).
Follow up on CUP (Client Upload Portal) submissions.
Audit Planning Support (in collaboration with the ISO Manager)
Follow up on CUP status and pending uploads.
Send planning call recaps and assist with scheduling.
Communicate auditor assignments and update Asana tasks.
Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.
Audit Execution Support (in collaboration with ISO Auditors)
Ensure auditors have access to necessary GRC platforms and client systems.
Audit Reporting & Quality Assurance (in collaboration with ISO Manager)
Collect metrics on TAT for archive submissions.
Register findings in the Universal Registry of Findings.
Complete archive QA forms and support non‑technical QA reviews, including:
Audit Report
Audit Plan
Audit Program
Registry of Findings
Certificate & Registry Management
Handle certificate registration in the appropriate database.
Maintain IAF CertSearch registrations and updates.
Knowledge Requirements
Organizational structures, governance, and workplace practices.
Information and data systems, documentation systems, and IT fundamentals.
Audit principles, practices, and techniques in accordance with ISO standards.
Management system standards and normative documents required for certification.
Certification Body (CB) processes and procedures.
Industry terminology, practices, and expectations relevant to the client’s business sector.
Common products, processes, and operations across industries to understand client context.
Application of management system requirements to various organizational types.
ISMS‑specific documentation structures and interrelationships.
Information security management tools, methods, and techniques.
Information security risk assessment and risk management principles.
ISMS processes and current information security technologies.
ISO/IEC 27001 requirements and implementation principles.
ISO/IEC 27002 controls (and sector‑specific standards if applicable), including:
Information security policies
Organization of information security
Human resource security
Asset management
Access control and authorization
Cryptography
Physical and environmental security
Operations and IT service security
Communications and network security
System acquisition, development, and maintenance
Supplier relationships and outsourced services
Information security incident management
Business continuity and redundancy planning
Compliance and information security reviews
Legal and regulatory requirements in information security by geography and jurisdiction.
Information security risks and technologies relevant to the client’s industry.
The impact of organization size, structure, and governance on ISMS implementation.
Legal and regulatory requirements applicable to products or services.
Key Competencies
Attention to detail and analytical thinking
Written and verbal communication
Integrity, confidentiality, and professionalism
Understanding of ISO/IEC 27001 and 27002 standards
Organizational and time management skills
Team collaboration and adaptability
Continuous learning and improvement mindset
What We Offer
Opportunity to work with global experts in cybersecurity and ISO assurance.
Exposure to top‑tier clients and diverse industries.
Professional development and>
Collaborative and remote‑friendly work environment.
Competitive compensation and growth opportunities.
Benefits
Workplace Resources
Paid vacation according to Panamanian labor law
Health insurance
Life insurance
Discount at Sortis Hotel Spa
Access to our local office with amenities
Parking (subject to company policy)
Business travel and expense reimbursement in accordance with IAG SRL policy
Company‑provided laptop
Training program
Certification reimbursement aligned with IAG SRL policy
Privacy Notice CCPA
Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
Insight Assurance does not sell personal data/information under any circumstances.
You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602
Privacy Notice GDPR This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.
We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross‑referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.
When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.
We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.
The categories of Personal Data under Processing consist of:
Identification
Contact
Education and Professional
Evaluation
You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:
Right of Access
– meaning getting information about the Personal Data under Processing by us, except for the information you already know;
Right of Erasure
– you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
Right of Opposition or Restriction of Processing
– you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
Rectification
– you can rectify your Personal Data at anytime
Interested in building your career at Insight Assurance? Get future opportunities sent straight to your email.
Accepted file types pdf, doc, docx, txt, rtf
Education School * Select…
Degree * Select…
Select…
LinkedIn Profile * Do you have any professional certifications relevant to the position? *
CISSP
CISA
CISM
ISO 27001 LA
ISO 27701 LA
ISO 42001 LA
ISO 22301 LA
ISO 9001 LA
PCI QSA
CCP
CPA
METI RISS
GIAC
IRCA ISMS
IIA Certified Internal Auditor (CIA)
PCIP
CPTS
PNPT
CBBH
CRTO
CEH
CAPE
Security+
Years of experience relevant to the position * Select… Which country do you currently reside in? * Select… Fiscal or Tax Residency * Select… What is your level of proficiency in English? * Select… What is your monthly salary expectation (USD)? *
#J-18808-Ljbffr
About Insight Assurance Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next‑generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.
We’re not your traditional audit firm — we’re tech‑enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.
Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest‑growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.
Position Summary The ISO Analyst supports the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits. Working under the supervision of an Auditor, Lead Auditor, or Manager, the ISO Analyst assists in audit planning, evidence review, report preparation, and overall quality assurance.
This role requires strong attention to detail, effective communication skills, and a foundational understanding of management systems and information security principles.
Key Responsibilities General Audit Support
Ensure that all internal processes are followed correctly and consistently.
Assist in the creation of audit programs and plans for clients and upcoming audits.
Support evidence classification, review, and sampling activities.
Take detailed notes during audits and assist in preparing high‑quality reports.
Send recap and follow‑up communications as required.
Collect statistics and support KPI reporting.
Communicate effectively with stakeholders at all organizational levels using professional language and terminology.
Maintain ethics, fairness, and accuracy in all audit documentation and reporting.
Protect confidentiality of personally identifiable information (PII) and intellectual property (IP) belonging to both the firm and clients.
Demonstrate professionalism and responsibility in all interactions.
Administrative & Coordination Tasks
Handle client ingestion and onboarding activities.
Perform HubSpot data scrubbing and updates.
Register new engagements in Asana and coordinate Insight ONE transfers (in or out).
Create SharePoint folders and upload Evidence Lists (EL).
Follow up on CUP (Client Upload Portal) submissions.
Audit Planning Support (in collaboration with the ISO Manager)
Follow up on CUP status and pending uploads.
Send planning call recaps and assist with scheduling.
Communicate auditor assignments and update Asana tasks.
Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.
Audit Execution Support (in collaboration with ISO Auditors)
Ensure auditors have access to necessary GRC platforms and client systems.
Audit Reporting & Quality Assurance (in collaboration with ISO Manager)
Collect metrics on TAT for archive submissions.
Register findings in the Universal Registry of Findings.
Complete archive QA forms and support non‑technical QA reviews, including:
Audit Report
Audit Plan
Audit Program
Registry of Findings
Certificate & Registry Management
Handle certificate registration in the appropriate database.
Maintain IAF CertSearch registrations and updates.
Knowledge Requirements
Organizational structures, governance, and workplace practices.
Information and data systems, documentation systems, and IT fundamentals.
Audit principles, practices, and techniques in accordance with ISO standards.
Management system standards and normative documents required for certification.
Certification Body (CB) processes and procedures.
Industry terminology, practices, and expectations relevant to the client’s business sector.
Common products, processes, and operations across industries to understand client context.
Application of management system requirements to various organizational types.
ISMS‑specific documentation structures and interrelationships.
Information security management tools, methods, and techniques.
Information security risk assessment and risk management principles.
ISMS processes and current information security technologies.
ISO/IEC 27001 requirements and implementation principles.
ISO/IEC 27002 controls (and sector‑specific standards if applicable), including:
Information security policies
Organization of information security
Human resource security
Asset management
Access control and authorization
Cryptography
Physical and environmental security
Operations and IT service security
Communications and network security
System acquisition, development, and maintenance
Supplier relationships and outsourced services
Information security incident management
Business continuity and redundancy planning
Compliance and information security reviews
Legal and regulatory requirements in information security by geography and jurisdiction.
Information security risks and technologies relevant to the client’s industry.
The impact of organization size, structure, and governance on ISMS implementation.
Legal and regulatory requirements applicable to products or services.
Key Competencies
Attention to detail and analytical thinking
Written and verbal communication
Integrity, confidentiality, and professionalism
Understanding of ISO/IEC 27001 and 27002 standards
Organizational and time management skills
Team collaboration and adaptability
Continuous learning and improvement mindset
What We Offer
Opportunity to work with global experts in cybersecurity and ISO assurance.
Exposure to top‑tier clients and diverse industries.
Professional development and>
Collaborative and remote‑friendly work environment.
Competitive compensation and growth opportunities.
Benefits
Workplace Resources
Paid vacation according to Panamanian labor law
Health insurance
Life insurance
Discount at Sortis Hotel Spa
Access to our local office with amenities
Parking (subject to company policy)
Business travel and expense reimbursement in accordance with IAG SRL policy
Company‑provided laptop
Training program
Certification reimbursement aligned with IAG SRL policy
Privacy Notice CCPA
Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
Insight Assurance does not sell personal data/information under any circumstances.
You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602
Privacy Notice GDPR This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.
We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross‑referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.
When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.
We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.
The categories of Personal Data under Processing consist of:
Identification
Contact
Education and Professional
Evaluation
You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:
Right of Access
– meaning getting information about the Personal Data under Processing by us, except for the information you already know;
Right of Erasure
– you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
Right of Opposition or Restriction of Processing
– you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
Rectification
– you can rectify your Personal Data at anytime
Interested in building your career at Insight Assurance? Get future opportunities sent straight to your email.
Accepted file types pdf, doc, docx, txt, rtf
Education School * Select…
Degree * Select…
Select…
LinkedIn Profile * Do you have any professional certifications relevant to the position? *
CISSP
CISA
CISM
ISO 27001 LA
ISO 27701 LA
ISO 42001 LA
ISO 22301 LA
ISO 9001 LA
PCI QSA
CCP
CPA
METI RISS
GIAC
IRCA ISMS
IIA Certified Internal Auditor (CIA)
PCIP
CPTS
PNPT
CBBH
CRTO
CEH
CAPE
Security+
Years of experience relevant to the position * Select… Which country do you currently reside in? * Select… Fiscal or Tax Residency * Select… What is your level of proficiency in English? * Select… What is your monthly salary expectation (USD)? *
#J-18808-Ljbffr