IT Risk Senior Consultant / Internal Auditor

Our Company

Created in 2016, HACA Partners is an approved audit firm (cabinet de révision agréé - supervised by the CSSF) providing expert services in the following areas:

• External audit
• Internal audit
• Regulatory & Compliance
• Risk management
• Consulting (M&A, corporate finance, ESG etc.)

Since its beginnings, the firm has been in constant development and is now composed of about a hundred professionals, with more than 12 years of experience in average, serving a diversified base of more than 470 clients from different industries (investment funds managers, investment funds, banks, PFS, etc.).

The objective of HACA Partners is to offer its clients professional services with a wide range of experience and expertise.

Your role:

• Executing IT audit engagements, ensuring compliance with CSSF circulars and best practices.
• Assessing IT General Controls (ITGCs) and application controls, including access, change, and operations management.
• Reviewing and testing controls related to IT outsourcing arrangements, including governance, risk, and vendor oversight.
• Contributing to client readiness or compliance assessments under DORA (Digital Operational Resilience Act), including ICT risk management and incident reporting.
• Evaluating controls related to cybersecurity, data protection (GDPR), and IT risk management frameworks.
• Participating in audits of third-party service providers and reviewing and performing risk analysis linked to cloud and/or external IT services.
• Documenting clear, risk and regulatory-based findings using structured analytical thinking and a pragmatic mindset.
• Collaborating with stakeholders at various levels, including IT, compliance, and internal audit functions.

Your profile:

• 2 to 4 years of experience in IT risk and/or Audit.
• You already conducted/helped in the realization IT General control testings (ITGCs) and IT application controls (ITACs)
• You are familiar with IT risk framework
• You are familiar with main IT regulations in Luxembourg (CSSF circular 20/750, 22/806, DORA regulation…)
• You are familiar with IT governance models such as ITIL, COBIT…
• You are familiar with Data protection regulation such as GDPR
• You are interested in growing your skills in IT financial sector and familiarize with regulations such as MiCA, PSD2 and DORA, as well as specific domains such as cybersecurity or data governance.

What we offer:

• Young and dynamic Company
• Diversified and interesting clients
• Learning curve with experienced professionals and trainings
• Warm work environment
• Flexibility at work (homeworking)
• Salary Package in line with market + benefits.