The principal IT auditor will carry out planning, preparation, coordination and execution of audits, mainly in the area of IT infrastructure, IT infrastructure applications, operation of IT platforms and IT processes. Further engagement is expected in the areas of information security and review of IT vendors. Main business tasks will be the discovery and assessment of risks and the communication to the responsible management. Additionally, monitoring and supervision of risk compensation controls will fall under the auditor’s responsibility. This individual will be expected to be hands on with the entire audit lifecycle including besides other thing the entire documentation relating to the audit in line with the banks methodology in a tools based environment; therefore demonstrable experience in this area is mandatory.
Suitable candidates would have prior hands on working experience in IT infrastructure / IT applications / information security and are currently in a technology audit function in a global banking / audit firm or have been career auditors in these functional areas with a passion for staying abreast with the latest developments.
- The position is defined as principal IT auditor reporting into a Principal Audit Manager (PAM) who in turn reports in the Chief Auditor (CA). The CA has global audit responsibility for IT Infrastructure.
- The position will carry out planning, preparation, coordination and execution of audits to evaluate the adequacy and effectiveness of technology controls within DB’s IT department. audit activities will be carried out in accordance with group audit methodology and the established risk assessment framework.
- The position will contribute to business monitoring/ continuous audit assessment and overall implementation of group audit methodology.
- The position will undertake audit assignments, draft and consolidate audit reports for review by audit management and facilitate finding tracking and validate closure of findings.
- The position will work as team member or audit coordinator in a global audit team together with Principal Audit Managers in SG,NY, LDN or FFM. Open dialog communication and culture knowledge is imperative for this position.
- The position will be required to complete all work assignments on a timely basis. This may also include ad hoc projects and special inquiries.
- The position offers the opportunity to develop relationships across the DB franchise and to communicate orally and in writing the results of the work to clients at all levels. A pro-actively develop and maintaining professional working relationships with colleagues, the business and respective support areas is expected.
- The position will act as natural role model and reference point for the peer group.
- University degree in computer science, mathematics, engineering or a related scientific degree. Certifications as CISA, CISM, CISSP or equivalent qualification in the areas of information security, project management or process-/quality management would be an advantage.
- Demonstrable experience in one or more of the following technical disciplines is a pre-requisite: IT infrastructure, IT production, IT operation such as system administrator, database administrator, operator in a data centre or software development for IT infrastructure applications. Expertise gained in the banking environment is beneficial, but not critical.
- Experience in IT audit, IT risk management or information security.
- A good understanding of the following IT disciplines: IT security, IT production controls (e.g. change-/ problem- management), information security, operating systems, databases and regulatory requirements in the banking sector.
- A fundamental understanding of the following audit disciplines: audit concepts (e.g. pre-/post implementation audits), controls in outsourced environments (e.g. for managed services), auditing project management and auditing IT service- and quality management.
- Very good written/verbal communication skills and the ability to communicate effectively in conflicts and at all management levels. Language skills beyond English are not a requirement, but are generally useful.
- Experiences in analysing and articulating IT infrastructure risks combined with a good understanding of IT services and IT processes in an enterprise environment.
- Flexibility, pro-active, self sufficient and innovative with strong organisational skills to take ownership and responsibility of agreed targets and meet them within budget to enable a timely and efficient completion of audit projects.
- Ability to multi-task assignments and prioritise the workload with limited supervision and be resilient under pressure and the ability to deliver to deadlines.
UNIX, STORAGE, NETWORKS, DATA CENTERS, CLOUD