ITC Auditor (f/m/d)

Internal Audit is an independent function established by the Management Board to support the bank in achieving its strategic objectives. As part of this mission, we ensure transparency, integrity, and effective risk management across all business processes and IT landscapes.

To strengthen our IT & Cyber (ITC) Audit capabilities, we are seeking an experienced and motivated ITC Auditor who will contribute to the evaluation of IT governance, IT processes, cybersecurity, and technology-related risks across the bank and its subsidiaries.

• Plan and conduct risk-based IT and cybersecurity audits, including infrastructure, applications, cloud environments, IT operations, and emerging technologies.
• Assess the effectiveness of IT controls, IT security measures, and compliance with internal regulations and external standards.
• Review IT processes, access rights management, system change management, incident handling, and technology governance.
• Perform audit fieldwork on-site and remotely, assess findings, and provide well-grounded recommendations to strengthen the control environment.
• Collaborate in group-wide audit activities, working with international colleagues across the UniCredit Group.
• Prepare audit reports and communicate results clearly and professionally to stakeholders within the defined timelines.

• Relevant professional certification (or willingness to obtain one), such as CISA, CIA, ISO 27001 Lead Auditor, or equivalent.
• German language skills at native or near-native level (C1/C2).
• Very good English skills (verbal and written).
• Experience in IT auditing, IT risk management, cybersecurity, or IT governance.
• Experience working in banking or a similar regulated environment is an advantage.
• Experience with compliance-related topics (e.g., GDPR, AML, ICT risk, regulatory standards) is an advantage.
• Strong analytical and critical thinking skills, structured approach, and the ability to work both independently and as part of a team.