Vacatures IT Risk Professionals
logo EY

Security Assurance Specialist - EY

Location: Amsterdam
Employment: Full-time

Job description

At EY, you will have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we are counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself, and a better working world for all.

EY Technology:

Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have over 280,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day.  Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients.  Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.

EY Technology supports our technology needs through three business units:

Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
Enterprise Workplace Technology (EWT) – EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.   

Job Summary

EY Information Security is recruiting a Client Assurance Associate Director, serving The Netherlands and the region of  Europe West. The position needs to be filled in The Netherlands.  Minimal travel is anticipated for this position.

The Client Assurance Associate Director is responsible for coordinating and supporting responses to all client and regulatory inquiries concerning EY’s information security governance and cybersecurity program within their geographic area.  The role will actively collaborate with security and technology teams around the globe providing local context, direction, technical knowledge and analysis of information security assurance needs within your area.
You’ll be primarily responsible for assisting EY engagement teams in addressing client requests regarding the security of EY’s traditional and cloud-based technology solutions used to deliver professional services to our clients. Additionally, you’ll be responsible for assisting EY teams in engaging with our regulators by representing EY Information Security in the areas of information security governance and cybersecurity. You’re likely to balance your time between multiple requests and responsibilities, supporting your team on challenging pursuits and engagements while learning about EY’s leading-edge technologies.

By joining EY’s Client Assurance team, you’ll be part of a truly collaborative environment working with a team dedicated to providing globally accurate and consistent assurance to our clients that EY will safeguard their data wherever it is stored, processed and used.

Your key responsibilities include

Client Security Assurance

  • Contribute to the development, implementation and maintenance of the Client Security Assurance function for your area
  • Support inquiries and onsite assessment requests from local regulators regarding the EY governance process, technologies and information security controls
  • Support EY engagement teams with client led security assessments, inquiries, and onsite reviews regarding EY’s Global Information Security Program
  • Identify opportunities and execute plans to improve the security assurance workflow in both the global and local context while quantifying the business impact of those improvement for communication to management

Local Information Security Liaison

  • Engage with technology and business teams within your area to educate them on EY’s Information Security program, guiding them to the right teams and services to support their needs
  • Advise, raise awareness and assist project managers and operational staff on the security requirements (technology, process, data management, etc.) to be integrated into each of our projects
  • Is the voice of Information Security to local leadership to create confidence about the level of information security measures and risk mitigation
  • Provide guidance on compliance for all local IT controls as defined in the Global Information Security Policy
  • Facilitate internal and external Information Security certifications and audits and other compliance activities for relevant applications/services
  • Pro-actively drive security awareness and risk appetite in the EY NL organization. Raise the profile of security within the organization by being pro-actively involved with stakeholders and clients (not limited to projects)
  • Represent Information Security within local Business Continuity Plans
  • Act as a trusted advisor to client-facing delivery teams, the innovation and development community and associated internal groups, linking these teams with subject experts concerning the application of EY’s Information Security policies, standards and guidelines
  • Be the voice of Information Security in the Service Lines and CBS and the voice of the local firm within Information Security
  • Facilitate the response to local security incidents with Global Information Security, working closely with Risk, GCO, DPO, Business, CBS, Technology and Global Information Security stakeholders
  • Guide teams procuring third party services regarding the firm’s third-party information security risk assurance practices and program

To qualify for the role you must have

  • Ten or more years of experience in Information Security or Information Technology disciplines 
  • Experience working with common information security standards, such as ISO 27001/27002, NIST, ITIL, COBIT
  • Understanding of security related regulatory and data privacy concerns globally
  • Familiarity with the data protection requirements of EU GDPR
  • Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
  • Outstanding management, interpersonal, communication, organizational, and decision-making skills
  • Experience translating information security concepts into business and technical language
  • Fluency in reading, writing and speaking Dutch and English 

Ideally, you’ll also have a selection of the following

  • An advanced degree in Computer Science, Information Systems, Engineering or a related major
  • Professional certifications such as CISSP, GIAC, CISM or CISA
  • Experience with cloud security concepts and enterprise federation services 

What we look for

  • An individual who communicates clearly and with self-confidence
  • An individual who works independently with minimal oversight from management
  • Ability to understand and integrate cultural differences and work effectively in cross cultural teams
  • Demonstrated integrity and judgment within a professional environment
  • Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
  • Outstanding management, interpersonal, communication, organizational, and decision-making skills
  • The demonstrated characteristics of a forward thinker and self-motivator who thrives on new challenges and adapts to learning new knowledge

What working at EY offers

We offer:
• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
EY strives to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

EY | Building a better working world 

EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets.  
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.  
Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. 


Information and application:


Please send your application for Security Assurance Specialist at EY in Amsterdam including your CV via our website.

Job posted
10 september 2021
Apply Now

Read all about working at EY

Wil je deze vacature delen met je netwerk?


Transistorstraat 7
1322 CJ Almere

Postbus 60184
1320 AE Almere

Tel: 036 - 7440 136

KvK 32090652
ING Bank NL91INGB065.42.67.456
BTW NL.8106.57.041.B01

Wie we zijn is onderdeel van het platform van CareerGuide, 25 vacaturebanken voor specialisten!
Onze vacaturebanken (geen bemiddeling) bieden professionals relevante vacatures binnen hun expertise.

Ook een vacature plaatsen? Neem contact met ons op:

Nienke Smit   Pieter Lammers
Nienke Smit
  Pieter Lammers