ICT Auditor in the 2nd Line of Defense | IKT-Prüfer*in in der 2nd Line of Defence

Commerzbank AG

Frankfurt am Main, Hessen, Deutschland
Published Jun 24, 2025
Full-time
Permanent

Job Summary

As an experienced ICT Auditor, you will play a crucial role in establishing and implementing a comprehensive, theme-based audit process for ICT Risk Management, including Threat-Led Assessments. You will independently conduct audits, continuously refine audit methodologies, identify and assess risks, and derive ICT-relevant measures, ensuring compliance with legal, regulatory, and internal requirements. Your findings will be concisely summarized in audit reports in both German and English for the responsible divisional board. This position offers the opportunity to work in a versatile and motivated team, taking responsibility for specialized topics, developing audit approaches, and driving initiatives in data analysis and continuous auditing, utilizing agile and classical project management methods.

Required Skills

Education

Degree in Computer Science or Business Informatics, or completed vocational training in an IT-relevant, commercial, business administration, or technical field. Specialized additional qualifications such as CISA, CISM, CISSP, ISO/IEC 27001 Lead Auditor, or comparable certifications.

Experience

  • Several years of experience in conducting IT audits or as an ISMS/ISO27001 auditor
  • Experience with data analysis
  • Experience with agile working methods
  • Experience with project management
  • Experience with digitalization processes in banking

Languages

  • German (Fluent)
  • English (Fluent)

Additional

  • Familiarity with internal banking, legal, and regulatory requirements (e.g., MaRisk, IT-Sicherheitsgesetz, BAIT, NIST, DORA, ISO/IEC 27001).