Your Tasks:
* Development of annual risk-oriented IT audit planning regarding IT systems/applications as well as outsourced areas in compliance with external (e.g. MaRisk) & internal requirements in coordination with superiors in Europe
* Execution of plan and special audits of IT systems and processes related to compliance with legal requirements (e.g. MaRisk, BAIT, SOX, DSGVO) or industry standards (e.g. BSI Grundschutz, ISO 27001) and internal requirements (global & regional requirements)
* Preparation of final reports to functional area or local & regional management, after coordination with supervisor and maintaining independence
* Provide updated information on quarterly reporting (progress of IT audit plan, summary of findings & implementation status of agreements reached) to regional management & corporate audit
* Provision of independent/objective consulting services for all organizational units of the Group to improve the internal control system (e.g. implementation of preventive or detective IT controls & ongoing monitoring processes - Continuous Auditing & Continuous Monitoring) as well as to accompany & support change processes
* Ongoing optimization & further development of audit methods and procedures (incl. the use of audit management software and common audit tools, e.g. Cognos, SekChek, Security Evaluator, DBVisualiser, AD-Audit, etc.) in coordination with the line manager
* Support of external audits (e.g. Bundesbank, deposit insurance) and the auditors in the context of the annual audit (including clarification of questions regarding the IT environment & system landscape in the branches)
* Close cooperation with local & regional auditors (operational & IT audit)
Your Profile:
* Successfully completed studies in Computer Science, Business Informatics or a comparable training
* Several years of professional experience in internal auditing at a bank or auditing company
* Several years of experience in dealing with IT systems in an international company
* Detailed knowledge of process-oriented audit approaches in accordance with current standards (e.g. IDW, DIIR as well as relevant frameworks (CobiT, ITIL) and regulatory requirements (MaRisk, BaIT, DORA)
* Experience with auditing common ERP systems (SAP), databases, network infrastructure and Identiy & Access Management
* MS Office; good knowledge of project management procedures and methods
* Good knowledge of IT security standards (e.g. BSI basic protection and ISO27001) and IT frameworks (COBIT and ITIL)
* Professional exams (e.g. CISA, CISSP, ISO 27001 Lead Auditor) or comparable qualifications are an advantage
* Passion for all IT and IT security topics
* Convincing personality and excellent communication skills
* Fluency in written and spoken in English, German is an advantage
* Willingness to travel within Europe