IT Audit Specialist (m/f/d)
Your Tasks:
- Development of annual risk-oriented IT audit planning regarding IT systems/applications as well as outsourced areas in compliance with external (e.g. MaRisk) & internal requirements in coordination with superiors in Europe
- Execution of plan and special audits of IT systems and processes related to compliance with legal requirements (e.g. MaRisk, BAIT, SOX, DSGVO) or industry standards (e.g. BSI Grundschutz, ISO 27001) and internal requirements (global & regional requirements)
- Preparation of final reports to functional area or local & regional management, after coordination with supervisor and maintaining independence
- Provide updated information on quarterly reporting (progress of IT audit plan, summary of findings & implementation status of agreements reached) to regional management & corporate audit
- Provision of independent/objective consulting services for all organizational units of the Group to improve the internal control system (e.g. implementation of preventive or detective IT controls & ongoing monitoring processes - Continuous Auditing & Continuous Monitoring) as well as to accompany & support change processes
- Ongoing optimization & further development of audit methods and procedures (incl. the use of audit management software and common audit tools, e.g. Cognos, SekChek, Security Evaluator, DBVisualiser, AD-Audit, etc.) in coordination with the line manager
- Support of external audits (e.g. Bundesbank, deposit insurance) and the auditors in the context of the annual audit (including clarification of questions regarding the IT environment & system landscape in the branches)
- Close cooperation with local & regional auditors (operational & IT audit)
Your Profile:
- Successfully completed studies in information technology, business information systems or comparable training
- Several years of professional experience in the internal audit department of a bank or auditing company as well as experience in dealing with IT systems in an internationally active company
- Good knowledge of regulatory requirements and process-oriented audit approaches according to common standards (e.g. IDW, DIIR)
- Good knowledge of IT security standards (e.g. BSI Grundschutz and ISO27001) and IT frameworks (COBIT and ITIL)
- Convincing personality and excellent communication skills
- Fluent business English, German is nice to have