Freelance IT Auditor (3rd parties) (ZZP)

• Voorkeur voor NL kdd, maar UK mag ook.

• Voorkeur voor 32 uur.

• Voorkeur voor achtergrond in of ervaring met vergelijkbare tech bedrijven.

• CISA, CISM, CISSP, zijn kwalificaties die gezocht worden.

We are seeking on behalf of Bol a security IT auditor to join their third party security management department. As a department we onboard many new 3rd parties (e.g. SaaS or BPO) which need a security assessment. 

Perform Risk Assessments on proposed new suppliers and provided services. E.g. assessing the (security) maturity and compliance, the security of the solution by reviewing pentest reports, etc. Our work directly affects the approval of business initiatives. This job also includes the performance of assurance reports reviews of existing 3rd parties.

We are a small team of 2 IT Security Auditors and in addition to this a hands-on teamlead.

We communicate and align regularly and have a large business audience as stakeholders.

Requirements:

• Bol is looking for a candidate who already has extensive experience as an (internal) auditor within IT.

• Professional knowledge in the field of CISA, CISSP and risk assessments. (must)

• Good command of English is key, Dutch is an advantage.

• Good communication skills, being able to independently handle files and discuss them with the business.

Also include a clear motivation which includes your background and relevant and recent experience.