Senior IT Auditor

Your responsibilities

• Lead and execute comprehensive IT audit engagements, including IT general controls, application controls, and cybersecurity reviews.

• Assess IT governance, risk management practices, and internal controls across Avafin’s technology landscape.

• Perform detailed testing and analysis to evaluate control effectiveness, regulatory compliance, and operational resilience.

• Apply frameworks such as COBIT, ISO/IEC 27001, ITIL, and NIST to identify control gaps and assess risks.

• Prepare high‑quality audit reports and present findings to IT leaders, process owners, and senior management.

• Contribute to the creation and maintenance of the annual, risk‑based audit plan with a specific focus on IT and cybersecurity.

• Identify and assess emerging IT and cybersecurity risks across Avafin’s European operations.

• Use data analytics and continuous auditing techniques to improve audit coverage and efficiency.

• Build and maintain strong relationships with stakeholders across multiple EU jurisdictions.

• Monitor and validate the implementation of audit recommendations.

• Support business process audits by integrating IT audit expertise.

• Provide advisory services aligned with the Internal Audit Charter and IIA Standards.

• Contribute to continuous improvement of audit methodologies, tools, and compliance with IIA Standards and the Code of Ethics.

Our requirements

• Bachelor’s degree in Information Technology, Computer Science, Internal Audit, or a related field.

• CISA certification is required.

• Additional certifications are a plus: CRISC, CISM, CISSP, CIA.

• Minimum 5 years of experience in IT or information systems auditing, ideally in financial services or fintech.

• Proven experience delivering ITGC and application controls audits.

• Experience leading IT audit engagements and managing co‑sourced or third‑party audit partners.

• Experience working across multiple EU jurisdictions or in a multinational regulatory environment.

• Strong working knowledge of COBIT, ISO/IEC 27001, ITIL, and NIST frameworks.

• Solid understanding of SDLC and IT project management practices.

• Knowledge of IT and cybersecurity risk management principles.

• Proficiency with data analytics tools and techniques used for IT audit.

• Fluent English (written and spoken).

• Willingness to travel: up to 20% within Europe and Mexico.

What we offer

• Employment based on an employment contract or B2B agreement.

• Hybrid work.

• Flexible working hours, both in our Warsaw office and from home.

• Extensive development and learning opportunities supported by an educational budget.

• Collaboration with competent, professional, and friendly colleagues and supportive managers.

• Additional benefits (sports card, medical care, holiday allowances, Christmas gifts, loyalty program with additional days off, etc.).