IT Compliance Auditor

IT Compliance Auditor in the United Kingdom - London. Are you looking for an opportunity in a fast-growing, global IT team where collaboration, innovation, and a stakeholder-centric approach are priority? As part of Simon-Kucher, our IT team works globally as a trusted partner in the company’s journey toward success and navigates the ever-changing technological landscape. As an IT Compliance Auditor, you will play a vital role in planning, documenting, executing, and coordinating IT audits, while actively shaping and improving our employees’ work environment. Apply and support growth as a member of our global IT team! We are based in London, offering a hybrid work model. However, for candidates located outside of London, there is potential for a fully remote arrangement.

• Plan audits by analyzing Information Security Standards, such as ISO 27001:2022, and define audit scopes within your area of expertise.
• Create and maintain structured audit catalogues tailored to the identified scope.
• Draft audit plans for your assigned audit areas.
• Perform audits in line with the approved audit plan, covering both internal processes and assets as well as audits of external service providers.
• Assess a broad range of audit topics, including IT systems, infrastructure and processes, information security management, and on-premise or virtual audits of physical security.
• Document findings clearly and thoroughly to enable process and asset owners to identify and develop mitigation measures and implementation plans.
• Contribute to the risk register through the clear classification and documentation of audit findings and collaborate with IT compliance and risk stakeholders.
• Report audit results to the CTO.
• Involved in certification audits. Support client assessments by providing information or take part in client meetings.

• You hold a university degree or equivalent in informatics, business informatics, IT security, or a similar field.
• Fluent English and intermediate German skills (at least B1 level).
• Trained or have developed yourself into an Auditor or Senior Auditor for information security or IT/cybersecurity.
• Have at least 4–5 years of experience in similar audit roles within international organizations.
• Have hands-on experience with auditing of either ISO 2700x standards, BSI Grundschutz, SOC 2 Type II, or similar standards covering information security and information security management.
• Certifications in information security auditing are a plus.
• Experienced in audit planning, including scope definition, method selection, guidance of the auditees through the audit process, and realistic estimation of time and efforts.
• Familiar with risk management terminology and methodologies.
• Demonstrate strong analytical thinking, self-motivation, and a structured, results-oriented approach to your work.
• Uphold the highest ethical standards in auditing, ensuring objectivity, confidentiality, and independence at every stage of the process.

Work within a corporate culture defined by our entrepreneurial spirit, openness, and integrity. Broaden your perspective with our extensive training curriculum and learning opportunities. Push your development with support from our holistic feedback and development processes. Enjoy our range of benefits and our focus on your wellbeing.