Senior Auditor IT Compliance

Are you looking for an opportunity in a fast-growing, global IT team where collaboration, innovation, and a stakeholder-centric approach are priority? As part of Simon-Kucher, our IT works globally as a trusted partner in the company’s journey toward success and navigates the ever-changing technological landscape. As Senior Auditor IT Compliance you play a crucial role in the planning and documentation as well as the execution and coordination of IT audit management and actively shape our employee’s work environment. Apply and support growth as a member of our global IT team!

What makes us special:

• Become part of a unique entrepreneurial team. Think independently, use your initiative, and take some risks. Entrepreneurship is a powerful force that drives the growth not only of our firm but our clients and people.

• Unlock the power of opportunity. Advance your career in a thriving company that creates positive impact. We invest in your professional development every step of the way.

• Enjoy balance and flexible working. Be empowered to do your best work – we offer flexible and hybrid working, sabbaticals, and paid time off.

• Prioritize your health and wellbeing. No matter where you live, we offer a competitive suite of health benefits to help keep you and your loved ones safe.

• Work in a values-driven culture. At Simon-Kucher, our vision is to become the world's leading growth specialist. Our values guide the way we do business and communicate our distinctiveness. They sum up what we stand for, influence our culture, and drive how and why we do things.

How you will create an impact:

• You plan audits by analyzing Information Security Standards, such as ISO 27001:2022, and define audit scopes within your area of expertise.

• You create and maintain structured audit catalogues tailored to the identified scope.

• You draft audit plans for your assigned audit areas.

• You perform audits in line with the approved audit plan, covering both internal processes and assets as well as audits of external service providers.

• You assess a broad range of audit topics, including IT systems, infrastructure and processes, information security management processes, and on-premise or virtual audits of physical security.

• You document findings clearly and thoroughly to enable process and asset owners to identify and develop mitigation measures and implementation plans.

• You contribute to the risk register through the clear classification and documentation of audit findings and collaborate with IT compliance and risk stakeholders.

• You report audit results to the CTO.

• You are involved in certification audits.

• You support client assessments by providing information or take part in client meetings.

Your profile:

• You hold a university degree or formal education in informatics, business informatics, IT security, or a similar field.

• You are trained or have developed yourself into an Auditor or Senior Auditor for information security or IT/cybersecurity.

• You have at least 4–5 years of experience in similar audit roles within international organizations.

• You have hands-on experience with auditing of either ISO 2700x standards, BSI Grundschutz, SOC 2 Type II, or similar standards covering information security and information security management.

• Certifications concerning information security auditing are a plus.

• You are experienced in audit planning, including scope definition, method selection, guidance of the auditees through the audit process, and realistic estimation of time and efforts.

• You are familiar with risk management terminology and methodologies.

• You demonstrate strong analytical thinking, self-motivation, and a structured, results-oriented approach to your work.

• You are fluent in English on a business level (C1).

• You have good communication skills in German (minimum B1 level). 

• You uphold the highest ethical standards in auditing, ensuring objectivity, confidentiality, and independence at every stage of the process.