Security Consultant; ISO auditor

Overview

Security Consultant (ISO 27001 auditor). Primary location:
Amsterdam (The Netherlands). Date: 19 Sept 2025. Requisition .

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.

Confidence in your impact today. Freedom to build tomorrow. At EY, you can make a difference for clients, society, colleagues, and your own development, while having the freedom to work in a way that fits your life. Whether you specialize, broaden your expertise, or grow into leadership, you’re in the driver’s seat.

Our clients are under constant pressure to demonstrate compliance with Cybersecurity and Privacy/GDPR standards, and EY Attestations and Certification assists them via certification services. The team is expanding its certification and implementation services on management systems for a broad range of standards. As a consultant within, you will explore best practices and apply them to client engagements.

As a security consultant, you will primarily perform certification audits for security and privacy-related controls, conduct workshops, and deliver training sessions on related topics.

You will work in a dynamic environment with varied responsibilities, balancing auditing, travel, workshops, and business development. You will collaborate with clients and colleagues while traveling as needed.

You will operate in a global EY team with significant international travel opportunities (approximately 30–60%).

Within the Technology Risk department, we analyze IT-systems, processes, and cybersecurity. We focus on both business and IT and the financial side of large organizations, helping to make IT risks transparent and manageable. We work with financial auditors at clients in various sectors to support the financial statement audit.

Our Amsterdam office is located at the Zuidas. In Cross Towers, we welcome up to 1,500 people daily. The 22nd floor offers a city view. Wavespace provides a high-tech environment that connects clients and colleagues virtually across the globe.

• Relevant Bachelor’s and/or Master’s degree in Computer Science, IT Auditing, Information Systems, and/or Privacy Law.
• 3+ years of IT auditing experience with advanced knowledge of IT general controls and IT governance processes (ITIL).
• Ability to critically review security policies and implement controls in line with regulations and standards (ISO
  27001, NIST, SANS).
• Good understanding of cybersecurity standards (ISO, ITIL, NIST, ISF) and privacy (GDPR, ISO 27018) is an advantage.
• Entrepreneurial and problem-solving mindset with strong project management, collaboration across locations, and proficient English;
  Dutch, German, or French is a plus.

• A competitive salary based on experience and qualifications.
• Holiday allowance and an annual bonus (performance-based).
• Laptop and phone for work and personal use, plus a monthly internet allowance.
• 25 vacation days, with option to buy extra days.
• Mobility budget to choose how you travel (lease car, discounted public transport, or transport app).
• Pension plan for the future.
• Hybrid working to support work-life balance; office, client site, or home office arrangements with a well-equipped home setup.
• Option to swap 3 national holidays for non-national ones.
• Training and development opportunities to deepen expertise and leadership skills.
• Open Up wellbeing platform access and support from psychologists and lifestyle experts (within 36 hours).
• Active internal networks and social activities fostering a positive work atmosphere.

All of this within an environment where our core values of integrity, inclusiveness, and respect are central. Curious about all our benefits? .

• For this vacancy, we only ask for your CV to simplify applying.
• Our first contact: after application, our recruiter will call within 2 days for a short introduction.
• First interview: online assessment (game-based) focusing on cognitive skills and behavioral preferences; results discussed during the interview with a colleague from the department.
• Second interview: deeper exploration of the role and topics; a business case may be part of the process. A final interview may follow.
• We’re a match. You’ll receive an offer and undergo pre-employment screening before starting.

EY | Building a better working world

EY teams work across assurance, consulting, tax, strategy, and transactions. We operate in more than 150 countries, supported by data, AI, and advanced technology to help clients shape the future with confidence.