Lead Auditor IT (m/f/diverse)

The company

Commerzbank is a leading international commercial bank with branches and offices in almost 50 countries. The world is changing, becoming digital, and so are we. We are leaving the traditional bank behind us, and we are choosing to move forward as a digital enterprise.

As part of this strategy, Commerzbank continues the expansion of its Digital Technology Center in Sofia, Bulgaria. We need motivated people who will join us on this journey, and we are looking for a Lead Auditor IT in our Group Audit team.

The Lead Auditor as a senior audit specialist will play a critical role in Group Audit’s function as the third line of defence, sustainably building trust for Commerzbank’s stakeholders and strengthening the bank’s risk culture. By leveraging skills in technology, IT infrastructure, and programming, this role will drive effective audit processes and especially focusing on assessments of the IT risk management, software development, technical controls, and IT services provided by third parties. Group Audit supports the bank in achieving its corporate objectives by evaluating all activities, including outsourced functions, based on legal and regulatory requirements.

Your tasks:

• Managing audits and coaching team of auditors;
• Planning, scoping and conducting audits on IT applications and external service providers;
• Reporting and presenting insights and results of audits to Senior Management within and outside Group Audit;
• Assessing and reviewing the design and effectiveness of IT related processes, such as identity & access management, the management of security incidents and vulnerabilities, the disaster recovery and business continuity management, logging and monitoring processes;
• Testing interfaces, including APIs;
• Analysing and auditing software development, test and change processes, also in context of agile work, CI/CD, DevOps, and cloud computing;
• Supporting the follow-up of corrective measures from internal and external audits;
• Participating in regular reporting to the board of managing directors and the supervisory board.

Your profile:

• Experience in an IT environment, such as an IT (lead) auditor, information security specialist, network engineer, system administrator, software developer, database administrator, technical support, enterprise architect, or similar role;
• Strong knowledge in IT related areas and processes, such as software development, identity & access management, change and incident management, disaster recovery and business continuity management, vendor management, security logging and monitoring, cloud computing;
• Experience in one major object-oriented programming language or scripting languages such as C++, C#, Java, Python, PowerShell;
• Certifications such as CISA, ISO 27001 or similar would be considered a plus;
• Knowledge of relevant regulations, standards and frameworks (e.g. ISO 2700x, NIST, EBA guidelines) as well as banking experience are considered advantageous;
• Interpersonal skills for effective collaboration with colleagues and stakeholders;
• Management experience would be considered an advantage;
• Excellent verbal and written communication abilities for clear articulation of ideas;
• Ability to uphold ethical judgment and integrity in all activities and compliance with regulations;
• Fluency in English – both written and spoken, German would be considered an advantage;
• University degree or equivalent practical experience in the respective area;

In return we offer:

• Good work-life balance, including 25 days annual paid leave (increasing with 1 day per year up to 31 in total), flexible working hours and work-from-home and work from abroad opportunities;
• Luxury package of additional health and dental insurance;
• Food vouchers in the amount of 128 BGN monthly;
• 6 additional annual days off for exceptional circumstances;
• Employee assistance program for psychological, financial and legal consultations;
• Multisport card;
• Annual contribution of 300 BGN net per child for a summer camp/school/kindergarten for children up to age of 15;
• Possibilities for building career-advancing skills by covering training/certification courses and conferences based on individual learning and development needs, access to an online learning platform;
• Opportunities for long-term professional development in a stable, 150-year-old company while contributing to the vision of a new, just starting Digital Technology Center;
• Friendly and supportive multicultural environment, open to new opinions and ideas.

Commerzbank is proud to be an equal opportunity employer, committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to gender, race, colour, national origin, religion, gender identity or expression, sexual orientation, genetics, disability, age, or any other characteristics.

Challenge accepted? Apply now with your up-to-date CV in English!