You manage various audits to evaluate compliance and risks, engage with management on findings, and ensure adherence to security regulations while overseeing third-party assessments.
Requirements
- Completed studies in Computer Science or related field
- 5+ years experience in auditing or consulting
- Specialized knowledge in Access Controls and Security
- Best practices experience in end-to-end IT audits
- Experience with ISO 27001:2022 and COBIT is advantageous
- Excellent English language skills; German is a big plus
- Certifications like CISA or CISSP are highly advantageous
- Willingness to travel up to 20%
Your tasks
- Plan short-term, mid-term, and long-term audits.
- Conduct internal audits in regulated and non-regulated areas.
- Coordinate audit requests and defend against external IT assessments.
- Report audit results and identify trends for management.
- Discuss and follow up on mitigation plans with auditees.
- Ensure compliance with information security requirements like DORA and PCI-DSS.
- Plan and execute third-party audits under the Digital Operational Resilience Act.
Your benefits
Flexible working conditions
Possible 80% remote work
Original description
# Senior Manager IT Audit (m/f/d)
**We are looking for a**
**Senior Manager IT Audit (m/f/d)**
**(unlimited, full-time) Join our team at our locations in Berlin, Verl, and Amsterdam – flexible working conditions available**
**What you bring to this position**
* Completed studies in either Computer Science, IT Security, Information Security, Cyber Security, IT Governance/Management, or a related discipline.
* 5+ years of experience in auditing or consulting companies in regulated industries, ideally in the financial sector, focusing on IT/Tech.
* Specialized knowledge in Access Controls, API and Web Service Security, Configuration Management, Cloud Security, Authentication and Authorization, Secure Communication, and Penetration Testing.
* Best practices experience in end-to-end IT audits, including scoping, fieldwork, reporting, and follow-up activities, following a risk-based auditing approach, including control testing.
* Experience with standards such as ISO 27001:2022, BSI C5, ITIL, and COBIT is advantageous.
* You have excellent English language skills; German language skills are a big plus.
* Certifications such as CISA, CISM, CRISC, CISSP, Azure AZ/DP, or AWS “Certified” are highly advantageous.
* You are willing to travel nationally and internationally (up to 20%) when needed, while 80% working from home is possible.
**What will be your challenge?**
* Plan audits using a short-term, mid-term, and long-term risk-based approach.
* Conduct internal audits focused on tech areas within the regulated and non-regulated entities of Riverty.
* Coordinate audit requests and perform audit defense on external IT assessments in the second line of defense.
* Report directly to management about audit results and consolidate results to show trends to management.
* Discuss mitigating measures with the auditees and follow up on the mitigation plans in a planned manner.
* Ensure compliance with internal and external information security-related requirements, such as DORA, PCI-DSS, ISO 27001, or ISO 22301.
* Additionally, you will plan and execute third- and partly fourth-party audits in the context of the Digital Operational Resilience Act (DORA).
# EUR13
Date: May 6, 2025
Location: Europe multi-location, NW, DE, 33415
**Job Segment:**
Information Security, Computer Science, Cyber Security, Audit, Consulting, Technology, Security, Finance