IT Compliance Auditor

IT Compliance Auditor In the United Kingdom- London

Simon-Kucher is a global consultancy with more than 2,000employees in 30+ countries. Our sole focus is on unlocking better growth thatdrives measurable revenue and profit for our clients. We achieve this by optimizingevery lever of their commercial strategy - product, price, innovation,marketing, and sales - based on deep insights into what customers want andvalue. With 40 years of experience in monetization topics of all kinds, we areregarded as the world's leading pricing and growth specialist.

Are you looking for an opportunityin a fast-growing, global IT team where collaboration, innovation, and astakeholder-centric approach are priority? As part of Simon-Kucher, our IT teamworks globally as a trusted partner inthe company's journey towardsuccess and navigates the ever-changing technological landscape. Asan IT ComplianceAuditor, you will play a vital role in planning, documenting, executing,and coordinating IT audits, while actively shaping and improving our employees'work environment. Apply andsupportgrowth as a member of our global IT team!

We are based in London, offering ahybrid work model. However, for candidates located outside of London, there ispotential for a fully remote arrangement.

How you will create impact:

• Plan audits by analyzing Information Security Standards, such as ISO 27001:2022, and define audit scopes within your area of expertise.
• Create and maintain structured audit catalogues tailored to the identified scope.
• Draft audit plans for your assigned audit areas.
• Perform audits in line with the approved audit plan, covering both internal processes and assets as well as audits of external service providers.
• Assess a broad range of audit topics, including IT systems, infrastructure and processes, information security management, and on-premise or virtual audits of physical security.
• Document findings clearly and thoroughly to enable process and asset owners to identify and develop mitigation measures and implementation plans.
• Contribute to the risk register through the clear classification and documentation of audit findings and collaborate with IT compliance and risk stakeholders.
• Report audit results to the CTO.
• Involved in certification audits.
• Support client assessments by providing information or take part in client meetings.

Your profile:

• You hold a university degree or equivalent in informatics, business informatics, IT security, or a similar field.
• Fluent English and intermediate German skills (at least B1 level).
• Trained or have developed yourself into an Auditor or Senior Auditor for information security or IT/cybersecurity.
• Have at least 4-5 years of experience in similar audit roles within international organizations.
• Have hands-on experience with auditing of either ISO 2700x standards, BSI Grundschutz, SOC 2 Type II, or similar standards covering information security and information security management.
• Certifications in information security auditing are a plus.
• Experienced in audit planning, including scope definition, method selection, guidance of the auditees through the audit process, and realistic estimation of time and efforts.
• Familiar with risk management terminology and methodologies.
• Demonstrate strong analytical thinking, self-motivation, and a structured, results-oriented approach to your work.
• Uphold the highest ethical standards in auditing, ensuring objectivity, confidentiality, and independence at every stage of the process.

What we offer:

• Work within a corporate culture defined by our entrepreneurialspirit, openness, and integrity
• Broaden your perspective with our extensive training curriculum andlearning opportunities
• Push your development with support from our holistic feedback anddevelopment processes
• Enjoyour range of benefits and our focus on your wellbeing

Does this sound like you? Let's connect. Simply press the 'Apply now' button. Your application should include a cover letter defining your fit with the role and your CV.