Head of IT Audit

• Represent the IT Audit department internally and externally (incl. regulators, Audit Committee, and key stakeholders)
• Provide disciplinary leadership of the IT Audit team, including staffing and capacity planning, coaching, and development
• Own audit planning for IT Audit (risk assessment, annual plan, scoping, prioritization)
• Drive the continuous improvement of IT audit methodology and related internal audit processes (e.g., ToD/ToE approaches, reporting standards)
• Steer and monitor IT audits at both group and entity level
• ensure timely delivery and high-quality outcomes
• Manage and oversee external service providers supporting Internal Audit (IT-audit related), including performance, quality, and deliverables
• Ensure quality assurance for IT audit workpapers, reporting, and adherence to Internal Audit standards (IT-audit related)
• Independent preparation and conducting of IT audits, incl. drafting of audit reports and coordination with stakeholders
• Participation in the review and assurance of the internal control system, compliance, security and efficiency of IT processes and systems
• Follow up review of internal and external audit findings
• Balance audit independence with constructive collaboration across IT, Risk, Compliance, and Operations
• Translate complex IT risks into clear, actionable insights for the Board, Audit Committee, and regulators

• 7-10 years in IT / IT risk / cybersecurity / audit, ideally in banking or fintech, including 5+ years in IT audit or a related consulting/audit environment with strong exposure to BAIT/MaRisk/KWG/ISO/IT-Grundschutz
• Education degree in Business Informatics, Information Technology, Computer Science, Cyber Security, Information Security or similar field
• First proven leadership experience leading, mentoring and guiding IT auditors
• Experience as an IT auditor or IT risk consultant in auditing techniques (ToD and ToE)
• Familiar with COBIT, ITIL, ISO 27001, MaRisk, DORA, BAIT, PSD2, GDPR, NIST
• Technical Competencies in Core banking systems, cloud-based infrastructures, API-driven platforms
• Experience with regulator interactions, audit committees, and board-level reporting
• Deep understanding of threats, incident management, encryption, identity & access management, GDPR compliance
• Ability to align IT audit plans with the bank’s risk appetite and growth strategy
• Familiarity with outsourcing/vendor risk management in financial services
• Regulatory & Risk Knowledge with a strong grasp of EBA, MaRisk, ECB guidelines, especially regarding IT risk, outsourcing, and cloud usage in banking
• Good understanding of an audit software and audit tools
• Start-up or scale-up experience - a strong comfort level operating in an environment with fast-paced, evolving fintech environment, ambiguity, and constant change
• Fluent German and English communication skills

CISA / CISSP certifications

• Home office budget
• Learning & development budget of €1000 per year and a transparent growth framework to support your career goals
• Competitive salary and a variable remuneration program
• Monthly meal allowance
• Deutschland ticket subsidy
• 28 vacation days, increasing by 2 days after 2 years and 3 days after 3 years with Solaris
• Opportunity to work abroad for up to 12 weeks per year