**G+D hace más segura la vida de miles de millones de personas en todo el mundo. Creamos confianza en la era digital con tecnologías de seguridad integradas en tres áreas de negocio: Seguridad Digital, Plataformas Financieras y Tecnología Monetaria. Hemos sido un socio confiable para nuestros clientes durante más de 170 años con nuestras soluciones innovadoras para SecurityTech! Somos un grupo tecnológico internacional y una empresa familiar tradicional con más de 14,000 empleados en 40 países. Crear Confianza es nuestro camino hacia el éxito. La confianza es la base de nuestra cooperación en G+D.**
***En Tecnología de Pago, nuestra misión es estar al inicio de cada transacción y hacerla segura y sencilla. También creamos soluciones de pago y banca contemporáneas en nuestra era digital. Como único punto de contacto, producimos y personalizamos cientos de millones de tarjetas de pago cada año y almacenamos sus "gemelos digitales" - móviles y digitales. ¿Te gustaría dar forma activamente a la transformación digital con nosotros?**
At Giesecke+Devrient, a global leader in SmartCards and Secure Payment Elements, we are seeking a Internal Auditor to lead and enhance our 3rd Line audit program across IT operations, cybersecurity, physical security, and emerging technologies such as AI. This role involves designing and executing risk-based audits, ensuring compliance with ISO 27001 and OWASP SAMM, and collaborating with 2nd Line stakeholders to understand risk and control frameworks, while maintaining strict independence in assessment and reporting **Key Responsibilities**:
- Develop and execute a risk-based audit plan covering IT, cybersecurity, and physical security.
- Lead end-to-end audit engagements, including scoping, fieldwork, reporting, and follow-up.
- Assess control effectiveness in areas such as network infrastructure, IAM, system hardening, and secure development.
- Conduct reviews of cybersecurity incident response, AI governance, and emerging technology risks.
- Evaluate physical security controls and vendor compliance.
- Perform compliance audits against standards like ISO 27001, PCI, GSMA, and OWASP SAMM.
**Your Profile**:
- Bachelor’s or Master’s in Information Security, Computer Science, or related field.
- 5-7 years of experience in IT audit or risk roles.
- CISA, CIA, or equivalent certification.
- Strong knowledge of ISO 27001, OWASP SAMM, and cybersecurity frameworks.
- Ability to write and present audit findings in a clear, business-savvy manner.
- Proficiency in English is essential; additional language skills such as German or Spanish are a strong advantage.
- Excellent analytical, communication, and stakeholder engagement skills.
- Enjoys working in diverse, multicultural teams and collaborating across global functions.
- CULTURE: Join a professional, dynamic environment where collaboration, teamwork, and innovation are valued.
- PHILOSOPHY: Be part of a team where your ideas and contributions have real impact.
- SCHEDULE: Mon-Thu 8:30-17:30h, Fri 8:30-15:30h (1h adaptable start time). Hybrid work options available.
- CONTRACT & BENEFITS: Permanent contract, annual training plan, summer intensive schedule, company parking, flexible compensation (transport, childcare, training, health insurance).
- CANTEEN: Onsite cafeteria with breakfast and lunch at subsidized prices.
- LOCATION: El Prat de Llobregat, Mercabarna exit. Accessible via Bus 88/110 from Barcelona or PR4 from El Prat.
**Contact**:
**HR Team Spain***:
**JOB OFFER**
**Job Details**:
**Job Title**
Internal Audit Manager
**Business Sector**
Giesecke + Devrient ePayments Iberia S.A
C/ 114 nº 27
Polígon Pratenc
**Requisition ID**
26186
**Location**
El Prat de Llobregat (BCN), Barc, ES
**Career level**
Con experiência
**Job Type**
Tiempo completo
**Contact**
HR Team Spain