Security Consultant (ISO 27001 auditor )
*Please be aware that this position is open from september 2023 onwards
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better.
Within EY (Tech) Consultancy specialized consultants work in various disciplines; from developing until implementing a strategy within diverse company branches and different segments. Our multidisciplinary teams crossing cultural borders work at companies within the fields of IT, Supply Chain, Operational Effectiveness, Finance, Actuarial Services, Technology, Risk, Transactions and Certifications. We believe that by managing our clients’ challenges we can make a critical difference, and you’ll be at the heart of this mission.
The opportunity - What future are you building towards?
Our clients are under constant pressure from their customers and stakeholders to demonstrate compliance with Cybersecurity and Privacy/GDPR standards and that's where EY CertifyPoint assists them via certification services. EY CertifyPoint is expanding its certification and implementation services on management systems for a broad range of standards. As an consultant within EY CertifyPoint, you will discover best of two worlds.
Our team - Do great minds always think alike?
The EY CertifyPoint Team is one of the world leaders in ISO certifications. Our team is known for a smart approach and efficient auditing techniques that minimize our clients' efforts. We have developed a strong global practice and gained expertise in the areas of information security/privacy as well as ISO/IEC 27001:2013 and ISO/IEC 27701:2019 standards. The EY CertifyPoint team is part of an international team and we offer a range of services to our clients. Our team consists of professionals with very diverse backgrounds.
Responsibilities – How can you make a lasting impact in a rapidly changing world?
- As a security/privacy consultant, you will primarily be performing certification audits for security and privacy-related controls for our clients, proving workshops and training sessions on related topics.
- A role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between auditing, traveling, providing workshops and supporting business development.
- A constantly changing environment. There’s no better place to develop your skills. Since the position is for a team which works on a global scale within EY, there are many international travel opportunities (30-60%).
Job requirements – Where do you start if you want to change the world?
- Relevant Bachelor's and/or Master's degree in Computer Science, IT Auditing, Information Systems and/ or Privacy Law.
- Have more than 3 years of IT auditing working experience and advanced knowledge of IT general controls (security, change management, disaster backup recovery, data center, infrastructure, etc.), IT governance processes (ITIL).
- Ability to critically review security policies and procedures, design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, ISO27001, NIST, SANS.
- Good understanding of industry standards in cybersecurity (ISO, ITIL, NIST, ISF) and privacy ( GDPR, ISO 27018) is an advantage.
- Entrepreneurial and problem solving mind and good project management with the ability to collaborate with teams across multiple locations and a strong command of the English language is a must due to the international clientele of EY CertifyPoint. Proficiency in Dutch, German and French would be a great advantage.
Already interested? Apply now!
What we offer – Is everything that counts being counted?
We offer you an attractive employment package that rewards individual and team achievements:
- Vitality: the choice is yours. An online session with an external vitality coach, practical tips on topics such as nutrition, energy, sleep and mindset, a discount at Healthcity and/or a voucher card to rent a padel court.
- Flexible working: you decide where and when you work in consultation with your team. At home, at the office, at the client or from another European country (up to 20 working days per year).
- Home office arrangement: to optimize your home office, EY provides the following resources for you: office chair, sit/stand desk, an external monitor, a desk lamp, a (Bluetooth) headset, and a large external keyboard.
- Birth leave: EY will pay 100% of the birth leave, in the case of an additional birth leave, EY will pay 70% of the salary.
For a full overview of our employment package click here: Hoe het is om bij ons te werken | EY – Global | EY - Nederland
The office
Our office in Amsterdam is located in the Zuidas, a bustling area where many businesses are situated. In our Cross Towers, Anouchka and Lucia welcome up to 1.000 people every day upon arrival. Haven't had breakfast yet? Taib will make his special smoothie for you or simply a delicious cappuccino. During the lunch break, the team of Hans and Mehdi will be ready with a fresh lunch for you. For a breathtaking view of Amsterdam, head to the 22nd floor. Collaborating takes on a new meaning with the Wavespace. This high-tech environment brings clients and colleagues together virtually from all over the world!
Recruitment procedure
The selection procedure exists in general out of 2 interview rounds and/ or Business case and an assessment.
Due to laws and regulations, and because EY (and in some cases its clients) has high demands on the reliability and integrity of its employees, every new employee will be screened. Depending on your rank the pre-employment screening could contain the following: Certificate of Conduct (in Dutch: VOG) or - if requesting a Dutch VOG is not possible - Criminal Background Check of the country you are currently living or have lived during the last five years, integrity questionnaire, verification of ID, diploma’s and/or work experience and consultation of the Dutch insolvency registry.