Head of Internal Audit

Your mission

We are a leading financial services institution specializing in digital asset custody and crypto-related services. Renowned for our innovation and resilience, we place strong emphasis on the security and efficiency of our IT infrastructure. To further strengthen our internal control framework, we are seeking a highly skilled and committed Head of Internal Audit to oversee and advance our audit function, with a focus on IT and crypto regulatory compliance.

In this role, you will:

Strategic Audit Leadership

• Lead and develop a small internal audit team with a focus on excellence and continuous improvement.
• Design and execute the annual audit plan, prioritizing areas of regulatory and operational significance.
• Actas the central point of contact for all internal and external audit stakeholders.

• Plan and conduct risk-based audits with an emphasis on IT systems, information security, and crypto-related processes.
• Review compliance with regulatory frameworks such as MiCAR, DORA, BAIT, MaRisk, and the KWG.
• Perform audits covering information security, application development, IT operations, IT governance, data management, and outsourcing.

• Prepare detailed audit reports with actionable recommendations.
• Present findings to executive management and relevant governance committees.
• Support reporting requirements for quarterly and annual audit activities.

• Provide advisory services to business units on regulatory requirements, IT controls, and industry best practices.
• Support the ongoing enhancement of the internal control system (ICS), particularly in the area of cybersecurity.
• Monitor implementation of remediation measures and follow up on audit findings.

• Coordinate and liaise with external auditors and supervisory authorities.
• Manage external service providers involved in audit projects.

What you need to be successful:

• University degree in Computer Science, Information Systems, or a related field.
• At least 5 years of experience in auditing financial institutions, preferably with a focus on IT or crypto services.
• Proven knowledge of relevant regulatory frameworks: MiCAR, DORA, BAIT, MaRisk, KWG.
• Solid understanding of blockchain technology and crypto asset services.
• Experience leading small teams and managing cross-functional audits.
• Familiarity with audit standards such as ISO/IEC 27001, BSI IT-Grundschutz, NIST, or COBIT.

Personal Attributes:

• Strong analytical and problem-solving skills.
• Clear and structured communication style with the ability to explain complex technical topics to non-specialists.
• High level of initiative and ability to deliver under pressure.
• Professional demeanor and strong stakeholder management capabilities.

Certifications (Preferred):

• CIA (Certified Internal Auditor),
• CISA (Certified Information Systems Auditor),
• CRISC (Certified in Risk and Information Systems Control),
• or equivalent professional designations,

Additional Requirements

• Willingness to stay current in a rapidly evolving regulatory and technological environment.
• Fluent in English; German is a plus.

What’s in it for you:

• A high-impact role with direct influence on the security, compliance, and resilience of a regulated crypto custodian.
• Attractive compensation package.
• Flexible working hours and hybrid working with not more than 3 days in the office.
• Access to extensive training and development programs.
• A dynamic and innovative environment within a fast-growing industry.