THE ROLE

As a Senior ISO Compliance Auditor, you will lead enterprise-wide compliance and certification initiatives with primary accountability for ISO audit readiness, control effectiveness, and sustained certification success. This role serves as a key position in ensuring Xylem's continued alignment with applicable regulatory, attestation, and certification frameworks, with particular emphasis on ISO standards and requirements. In this capacity, you will function as a central coordinator across Xylem, partnering closely with control owners, technical teams, external auditors, certification bodies, and customers to maintain a strong compliance posture, mitigate risk, and support successful audit and certification outcomes. This position carries a strong ISO auditor-facing and audit management focus, requiring disciplined oversight of audit preparation, evidence quality, control maturity, and remediation execution.
CORE RESPONSIBILITIES

- Lead and manage ISO compliance and certification programs, with strong ownership of ISO audit readiness, certification maintenance, surveillance activities, and continuous control effectiveness.
- Drive the full audit lifecycle, including planning, readiness assessments, internal audit coordination, external audit support, evidence validation, nonconformity management, and remediation tracking.
- Coordinate and facilitate internal and external audits, serving as a primary point of contact for ISO auditors, certification bodies, and external assessors, while managing timelines, deliverables, and audit expectations.
- Partner with control owners to ensure controls are appropriately designed, documented, implemented, and operating effectively across in-scope systems, services, and business processes.
- Oversee the collection, review, validation, and organization of audit evidence to satisfy ISO certification requirements, attestation standards, and customer assurance commitments.
- Identify control gaps, risks, audit findings, and nonconformities, and drive corrective and preventive actions through to closure with accountable stakeholders.
- Track and report on compliance performance metrics, including audit status, remediation progress, control effectiveness, certification health, and readiness for upcoming ISO assessments.
- Maintain governance over corrective actions, exceptions, findings, and deficiencies, ensuring timely resolution and alignment with certification and compliance obligations.
- Collaborate cross-functionally to proactively mitigate compliance risks and resolve issues that could affect certification standing, audit outcomes, or customer trust.
- Support ongoing compliance activities, including ISO surveillance audits, recertification efforts, internal audit preparedness, and overall program maturity advancement.
- Enhance and streamline compliance processes, tooling, and evidence management workflows in partnership with automation and operational teams.
- Ensure alignment with ITIL and governance best practices while maintaining disciplined, audit-ready compliance processes.
- Serve as a key liaison for customer compliance inquiries, external audits, and assurance requests.
REQUIRED QUALIFICATIONS

- Bachelor's degree in a relevant field.
- 5+ years of experience in compliance, audit, or GRC-focused project or program management roles.
- Direct experience supporting ISO certification audits, including standards such as ISO 27001, ISO 27017, ISO 27701, and ISO 20000.
- Strong understanding of control frameworks, audit methodologies, certification requirements, and evidence management expectations.
- Experience managing audit readiness, certification cycles, surveillance audits, recertification activities, and remediation programs.
- Demonstrated ability to identify control gaps, assess risk, and drive corrective actions in response to audit findings or nonconformities.
- Experience collaborating directly with ISO auditors, certification bodies, external assessors, and cross-functional stakeholders.
- Proven ability to maintain ongoing audit readiness within dynamic and regulated environments.
- Strong organizational, documentation, and stakeholder communication skills.
- Proficiency with Microsoft Office tools; experience with compliance or project management tools such as Atlassian or Smartsheet preferred.
PREFERRED QUALIFICATIONS

- Experience in regulated industries such as utilities, technology, or cybersecurity.
- Hands-on experience with ISO certification programs, audit coordination, and compliance operations.
- Familiarity with GRC tools, policy governance processes, and audit evidence management platforms.
- Familiarity with SOC audits and certifications is also considered a nice-to-have. We perform yearly SOC 1 and SOC 2 certifications that are wrapped into our overall compliance portfolio.