Information systems on-site inspector (m/f)

Mission

As part of a specialised team, you will be in charge of performing IT on-site inspections. Those inspections are conducted:

‒ in the framework of the Single Supervisory Mechanism (SSM), on credit institutions established in Luxembourg or abroad in Europe;

‒ at the initiative of the CSSF, on supervised entities located in Luxembourg, including credit institutions;

‒ in the EU-wide oversight framework of critical IT third-party service providers (i.e., CTPPs) established by the DORA regulation on the digital operational resilience of the financial sector, on CTPPs established in Luxembourg or abroad in Europe.

Role & responsibilities

Involvement in the entire on-site inspection (OSI) process:

Preparing the inspection and coordinating the work of the inspection (as head of mission), developing and executing IT audit work programs (as head of mission or team member)
Interacting and cooperating with specialists of the supervised entities and CTTPs, with the on-site inspection team, with off-site supervisors, with the CTPPs’ Lead Overseer and its joint examination team;
Drafting of all or part of the IT audit reports and key deliverables;
Presenting inspection results to key stakeholders including the Executive Board of the CSSF, ECB and CSSF supervisors, the CTPPS’ Lead Overseer and the executive management of supervised entities and CTPPs;
Participating and engaging in the development of new or enhancement of existing audit approaches and methodologies

Your profile

University degree (at least BAC+3/Bachelor) in information systems audit, or in computer science preferably with a specialisation in finance, or in economics, finance or business management with an IT specialisation
Proven professional experience of at least 3 years in the field of information systems auditing, preferably in an internal audit function or with an external audit firm
Perfect command of written and spoken English. Adequate written and spoken German and/or French. Knowledge of Luxembourgish will be considered as an advantage
Basic knowledge of French is mandatory
Commitment to be available for missions abroad and frequent business trips
Excellent knowledge of the regulatory framework, in particular laws, regulations and CSSF circulars relating to IT
Excellent knowledge of audit methodologies and leading IT practices
CISA, CISM, CISSP or equivalent certifications are an asset
Interest in new technologies (cloud computing, virtual currencies, artificial intelligence, open banking, etc.)
Writing, analytical, synthesis and communication skills
Proactivity and flexibility
Ability to work independently as well as good team spirit
Confidentiality

The successful candidate (m/f) will be hired as public employee (“employé de l’Etat”) under a permanent contract. If the candidate meets the required conditions, s/he will be asked to apply for admission to the status of civil servant (“fonctionnaire de l’Etat”).

Prior to the conclusion of the contract, the candidate must submit an extract from the criminal record (bulletin n°3), dated less than 2 months, in order to prove their conduct and integrity.

Apply now

* Required fields

Job reference *

Title *

First name *

Last name *

Date of Birth *

Nationality *

Phone *

E-mail *

How did you find about the position? *

Please specify *

Your resume *5MB max pdf

Your cover-letter *2MB max pdf

Your ID card *2MB max pdf, png, jpg, jpeg

Your Diploma *2MB max pdf, png, jpg, jpeg

Additional document2MB max pdf, png, jpg, jpeg

By ticking this box, you acknowledge that you have read and accepted our Job Applicant Privacy Notice *

Name	Description	Duration
cssf_cookies	Saves information regarding the user's consent to the use of cookies for each optional category.	1 year
ROUTEID	Technical cookie allowing load distribution.	Deleted when the browsing session ends
TBMCookie*	Security: This cookies protects the website against automated attacks.	Deleted when the browsing session ends
__utmvc	These first party cookies are set by a third party service to filter out malicious requests.	Deleted when the browsing session ends
__utmvm*	These first party cookies are set by a third party service to filter out malicious requests.	15 minutes

Name	Description	Duration
_pk_id.#	Collects anonymous statistical data on the website consultations, such as the number of visits or the average time spent on the website. The data is processed in-house and is not shared with a third party.	1 year
_pk_ses.#	Collects anonymous statistical data for the tracking of the pages consulted during the browsing session. The data is processed in-house and is not shared with a third party.	30 minutes