Internal Audit Manager - IT & Security (

Job Summary

We are seeking an Internal Auditor to lead and enhance our 3rd Line audit program across IT operations, cybersecurity, physical security, and emerging technologies such as AI.  This role involves designing and executing risk-based audits, ensuring compliance with ISO 27001 and OWASP SAMM, and collaborating with 2nd Line stakeholders to understand risk and control frameworks, while maintaining strict indepedence in assessment and reporting.

Responsibilities

• Develop and execute a risk-based audit plan covering IT, cybersecurity, and physical security

• Lead end-to-end audit engagements, including scoping, fieldwork, reporting, and follow-up

• Assess control effectiveness in areas such as network infrastructure, IAM, system hardening, and secure development

• Conduct reviews of cybersecurity incident response, AI governance, and emerging technology risks

• Evaluate physical security controls and vendor compliance

• Perform compliance audits against standards like ISO 27001, PCI, GSMA, and OWASP SAMM

Qualifications, Experience and Educational Requirements

Work Experience:

• 5-7 years of experience in IT audit or risk roles

Skills and Competencies:

• CISA, CIA, or equivalent certification

• Strong knowledge of ISO 27001, OWASP SAMM, and cybersecurity frameworks

• Ability to write and present audit findings in a clear, business-savvy manner

• Proficiency in English is essential; additional language skills such as German or Spanish are a strong advantage

• Excellent analytical, communication, and stakeholder engagement skills

• Enjoys working in diverse, multicultural teams and collaborating across global functions

Education:

• Bachelor’s or Master's in Information Security, Computer Science, or related field

Additional Information

*This job description is not intended to be all inclusive. The candidate hired will also perform other reasonable related business duties as assigned by the supervisor. The company reserves the right to revise or change job duties as needed. This job description does not constitute a written or implied contract of employment.

Giesecke+Devrient ePayments Canada Inc. is an equal opportunity employer and values diversity in its workforce, encouraging applications from all qualified individuals.  Upon request by the applicant, accommodation will be provided in all parts of the hiring process.

By applying to this position, you are confirming you possess either a Canadian citizenship, permanent resident status, or valid work permit.

Please note:  Reference Checks and Credit, Criminal Background Checks will be administered on suitably qualified candidates. Your application will be kept on file for up to two years. 

$$ Giesecke + Devrient ePayments Canada Inc. is an equal opportunity employer and values diversity in its workforce, encouraging applications from all qualified individuals. Accommodations are available on request for candidates taking part in all aspects of the selection process. If you would like to contact us, please contact Human Resources at careers.gdsci@gi-de.com 

 $$  $$ $$ $$  $$ https://career5.successfactors.eu/career?company=gieseckede&career_job_req_id=26048&career_ns=job_application