Audit & Compliance Manager — Information Security in Amsterdam
- Manager, Audit staff member
- 32-40
- Amsterdam
- 10-03-2026
About the role
Job title: Audit & Compliance Manager — Information Security
Location: Amsterdam, Netherlands
Start: ASAP
Duration: 6 months
Experience: 10+ years
Language: English (C1 required); Dutch is a plus
Role summary
Senior Information Security Audit & Compliance lead responsible for planning and executing security audits, assessing cyber‑risk posture, and ensuring compliance with applicable standards and regulations. Drive audit programs, remediation tracking, and continuous improvement to protect critical assets and meet regulatory and internal requirements.
Key responsibilities
Develop and run information security audit plans (internal and supplier/vendor audits) across people, processes and technology.
Assess controls against standards/regulations (ISO 27001, NIST, GDPR, SOC, PCI as applicable) and internal policies.
Perform risk‑based audits and gap analyses, identify control weaknesses and recommend pragmatic remediation actions.
Lead compliance assessments, prepare evidence and reporting for management and external auditors.
Track remediation activities, verify closure of findings and drive continuous improvement with stakeholders.
Coordinate with security, IT, legal, risk and business teams to align control frameworks and ensure audit readiness.
Review technical and procedural controls for cloud, network, application and endpoint security.
Support third‑party risk management: evaluate vendor security posture and manage supplier audit activities.
Produce clear, actionable audit reports, risk ratings, executive summaries and presentations for senior management.
Mentor and guide junior auditors; promote audit best practices and a culture of compliance.
Must‑have skills & qualifications
10+ years’ experience in information security audit, cybersecurity auditing or related compliance roles.
Bachelor’s degree in information security, cybersecurity, IT audit, or related field.
Strong knowledge of security standards and regulatory frameworks (ISO 27001, NIST, GDPR, SOC, etc.).
Hands‑on experience performing technical and process audits across IT, cloud and security domains.
Excellent audit methodology, risk assessment, evidence collection and reporting skills.
Strong stakeholder management and communication skills; able to present findings to technical teams and executives.
English at C1 level (minimum).
Preferred skills
Professional certifications such as CISA, CISSP, CRISC, ISO 27001 Lead Auditor or equivalent.
Experience auditing cloud platforms (Azure, AWS, GCP), identity/security controls and DevOps pipelines.
Familiarity with penetration testing results, vulnerability management and secure‑by‑design principles.
Experience with governance, risk and compliance (GRC) tools and audit management platforms.
Prior experience in large enterprise or regulated industries (finance, healthcare, critical infrastructure).
What we offer
Senior, high‑impact audit role influencing security posture and compliance in a major organisation.
Cross‑functional collaboration with security, risk and business stakeholders in Amsterdam.
6‑month engagement with potential for extension based on programme needs.
What you bring as Audit & Compliance Manager — Information Security
What we offer at ITproposal B.V.
Apply
Do you recognise yourself in this profile? And does working at ITproposal B.V. seem like a great step for you? Then apply right away.