Senior Auditor IT Compliance (m / f / d)
Are you looking for an opportunity in a fast-growing, global IT team where collaboration, innovation, and a stakeholder-centric approach are priorities? As part of Simon-Kucher, our IT works globally as a trusted partner in the company’s journey toward success and navigates the ever-changing technological landscape. As Senior Auditor IT Compliance, you play a crucial role in the planning and documentation as well as the execution and coordination of IT audit management, and actively shape our employees’ work environment. Apply and support growth as a member of our global IT team!
What makes us special:
- Advance your career with exciting professional opportunities in our thriving company with a startup feel
- Voice your unique ideas in a corporate culture defined by our entrepreneurial spirit, openness, and integrity
- Feel at home working with our helpful, enthusiastic colleagues who have great team spirit
- Broaden your perspective with our extensive training curriculum and learning programs (e.g. LinkedIn Learning)
- Speak your mind in our holistic feedback and development processes (e.g. 360-degree feedback)
- Enjoy our benefits, such as hybrid working, daycare allowance, corporate discounts, and wellbeing support (e.g. Headspace)
- Unwind in our break areas where you can help yourself to the healthy snacks and beverages provided
- See another side of your coworkers at our frequent employee events and highly anticipated World Meeting and Holiday Party
How you will create an impact:
- You plan audits by analyzing Information Security Standards, such as ISO 27001:2022, and define audit scopes within your area of expertise.
- You create and maintain structured audit catalogues tailored to the identified scope.
- You draft audit plans for your assigned audit areas.
- You perform audits in line with the approved audit plan, covering both internal processes and assets as well as audits of external service providers.
- You assess a broad range of audit topics, including IT systems, infrastructure and processes, information security management processes, and on-premise or virtual audits of physical security.
- You document findings clearly and thoroughly to enable process and asset owners to identify and develop mitigation measures and implementation plans.
- You contribute to the risk register through the clear classification and documentation of audit findings and collaborate with IT compliance and risk stakeholders.
- You report audit results to the CTO.
- You are involved in certification audits.
- You support client assessments by providing information or taking part in client meetings.
About you:
- You hold a university degree or formal education in informatics, business informatics, IT security, or a similar field.
- You are trained or have developed yourself into an Auditor or Senior Auditor for information security or IT / cybersecurity.
- You have at least 4–5 years of experience in similar audit roles within international organizations.
- You have hands-on experience with auditing of either ISO 2700x standards, BSI Grundschutz, SOC 2 Type II, or similar standards covering information security and information security management.
- Certifications concerning information security auditing are a plus.
- You are experienced in audit planning, including scope definition, method selection, guidance of the auditees through the audit process, and realistic estimation of time and efforts.
- You are familiar with risk management terminology and methodologies.
- You demonstrate strong analytical thinking, self-motivation, and a structured, results-oriented approach to your work.
- You have very good communication skills and are fluent in both German and English (minimum B1 level).
- You uphold the highest ethical standards in auditing, ensuring objectivity, confidentiality, and independence at every stage of the process.