Technical Auditor in Berlin
- Support technical Assurance and Audit team in maintaining compliance with Mambu’s Technical Assurance Programs (ISO 27001 and SOC 1):
- Coordinate external certification and assurance audits
- Keep audit and assurance documentation up to date
- Educate staff members on existing Technical Assurance Programs and their requirements
- Prepare teams for external certification/assurance audits
- Ensure audit findings are recorded and support implementation or remediation measures
- Work closely with Product team to raise awareness of compliance requirements and ensure effectiveness of internal controls and Technical Assurance Programs:
- Plan and conduct internal audits based on Mambu’s annual audit plan and/or on-demand.
- Follow up and report on internal audit findings, support teams in implementing mitigation measures
- Develop the internal audit function at regional level - audit should not be a blocker for other teams, but rather help teams to understand the risks and mitigate them
- Own the technical audit roadmap, ensure new capabilities and the platform comply with the requirements of the assurance programs
- Build up and maintain technical audit role globally, as well as locally:
- Coordinating the local changes (e.g. from legislations, contracts, certifications) affecting Mambu’s technical Assurance Programs to ensure compliance and consistency
- Being the contact person for questions and incidents related to Technical Assurance Programs
- Monitor implementation of non-standard contractual, legal and regulatory requirements
- Support Mambu Customers to gain trust in Mambu’s control framework and Assurance Programs:
- Support external customers’ audits. Plan and coordinate on-site or remote audits
- Ensure external customer audit findings are addressed
- Respond to customer audit and due-diligence requests
- Support Disaster Recovery tests
- Support Customer teams to commit contractually only to implemented or planned controls:
- Educate pre-sales and legal teams in compliance topics
- Support pre-sales team in the RFP process and review RFPs
- Hands-on experience with information security and privacy compliance frameworks, controls and best practices, working either as an auditor or implementer, such as AICPA Trust Services Principles, PCI DSS, NIST 800-53, GDPR, HIPAA, SOX etc.
- At least one relevant professional certification including CPA, CISSP, CISA, GIAC, ISO 27001 Lead Implementer or Auditor.
- A strong technical background with an understanding of product development, SaaS or Cloud environments and platform infrastructure like APIs
- Risk management experience, i.e. Enterprise Risk Management (ERM), ISO 31000, ISO 27005 or similar standards
- Strong written and verbal communication skills in English
- Analytical, detail oriented and creative problem-solving abilities
- Good organisational skills to manage changing priorities and ensure all tasks get addressed and expectations are met
- Proactive mindset with a drive to find and address root causes e.g. 5 Whys analysis
- Able to work autonomously, both alone and in teams
- Experience performing audits as an auditor by planning workshops, examining records and documenting the findings, including follow up actions
- Worked within a technical role such as Product manager, Developer, QA or Security Officer.
- Performed risk assessment workshops, analysed those risks, produced a plan to mitigate them and helped deliver those changes.
- Experience maintaining a risk register
- Previously worked in an IT, SaaS or cloud provider as an internal auditor, compliance officer or technical program manager.
- Mambu has over 180 live deployments, helping to revolutionise financial services in more than 45 countries globally, and we're just getting started.
- Our clients include FinTech innovators, traditional banks, business and consumer lenders as well as P2P platforms who are all looking to grow and scale.
- We understand nothing ensures our customers' success more than a happy team, so Mambu is built on a culture of trust and a sense of ownership in everything we do.
- Mambu proactively takes the initiative to improve the industry for the better.
Brief profile of Mambu
MAMBU GmbH helps FinTech innovators, banks and microfinance institutions offer essential banking services around the world. To that end, MAMBU provides these financial institutions with a first-class Software as a Service platform for managing their customer, account and transaction data.
Publication date: 13-11-2020