Cybersecurity Auditor (Freelance)
We are seeking a meticulous and highly experienced Cybersecurity Auditor to evaluate and validate the effectiveness of our security controls. This role is essential for ensuring that our risk management strategies, training programs, and reporting protocols meet the highest standards of regulatory and internal compliance.
Project Overview
* Role: Cybersecurity Auditor
* Type: Freelance / Contractor
* Duration: Long-term project
* Start Date: June 2026
* Capacity: 3 days per week
* Location: Onsite in Belgium (EU Nationality Required)
Role Scope & Responsibilities
As the Lead Auditor, you will provide independent assurance that the organization's cybersecurity defense-in-depth strategy is functioning as intended.
* Comprehensive Auditing: Lead and execute complex cybersecurity audits across technical and administrative domains.
* Regulatory Alignment: Conduct internal security audits to verify compliance with EU-specific regulations (e.g., NIS2, GDPR) and internal policy requirements.
* Effectiveness Assessment: Evaluate the practical implementation and maturity of risk management frameworks, employee training programs, and incident reporting mechanisms.
* Gap Identification: Identify control weaknesses and provide actionable, risk-based recommendations for remediation.
* Reporting: Communicate audit findings clearly to stakeholders, ensuring a transparent view of the organization's security posture.
Key Deliverables
* Cybersecurity Audit Plan: A structured roadmap defining the scope, objectives, timeline, and methodology for upcoming audit cycles.
* Cybersecurity Audit Report: Formal documentation of audit findings, including evidence of compliance, identified vulnerabilities, and suggested improvements.
* Internal Audit Policy and Procedures: A set of standardized governing documents that define how internal audits are triggered, conducted, and followed up.
Required Qualifications & Skills
Mandatory Requirements:
* Experience: Significant track record in leading IT and cybersecurity audits within highly regulated environments (e.g., Finance, Government, or EU Institutions).
Relevant Certifications (minimum one):
* ISACA CISA (Certified Information Systems Auditor)
* Other certifications such as ISO 27001 Lead Auditor or CIA are considered a strong advantage.
Technical & Soft Skills:
* Profound knowledge of audit standards (COBIT, ISO/IEC 27001) and risk assessment methodologies.
* Strong analytical skills with the ability to interpret complex technical logs and policy documents.
* High level of integrity and the ability to deliver critical findings with diplomacy and professional skepticism.