Back to Job Listings

ICT Auditor in the 2nd Line of Defense | IKT-Prüfer*in in der 2nd Line of Defence

Commerzbank AG

Frankfurt am Main, Hessen, Deutschland
Published Jun 24, 2025
Full-time
Permanent
View original

Job Summary

As an experienced ICT Auditor, you will play a crucial role in establishing and implementing a comprehensive, theme-based audit process for ICT Risk Management, including Threat-Led Assessments. You will independently conduct audits, continuously refine audit methodologies, identify and assess risks, and derive ICT-relevant measures, ensuring compliance with legal, regulatory, and internal requirements. Your findings will be concisely summarized in audit reports in both German and English for the responsible divisional board. This position offers the opportunity to work in a versatile and motivated team, taking responsibility for specialized topics, developing audit approaches, and driving initiatives in data analysis and continuous auditing, utilizing agile and classical project management methods.

Required Skills

Education

Degree in Computer Science or Business Informatics, or completed vocational training in an IT-relevant, commercial, business administration, or technical field. Specialized additional qualifications such as CISA, CISM, CISSP, ISO/IEC 27001 Lead Auditor, or comparable certifications.

Experience

  • Several years of experience in conducting IT audits or as an ISMS/ISO27001 auditor
  • Experience with data analysis
  • Experience with agile working methods
  • Experience with project management skills
  • Experience with digitalization processes in banking

Languages

German (Fluent)English (Fluent)

Additional

  • Familiarity with internal banking, legal, and regulatory requirements (e.g., MaRisk, IT-Sicherheitsgesetz, BAIT, NIST, DORA, ISO/IEC 27001).

More Jobs from Commerzbank AG

Citrix Specialist | Citrix Spezialist

Nov 27, 2025

This role involves designing, maintaining, and enhancing the Citrix infrastructure, specifically foc...

Security Incident Response Lead | Security Incident Response Lead

Nov 13, 2025

This critical role involves leading and coordinating security incident response activities across al...

Security Incident Manager, Cyber Risk & Information Security | Security Incident Manager in Cyber Risk & Informationssicherheit

Nov 4, 2025

This role seeks an experienced Security Incident Manager to serve as the critical interface between ...