IT Senior Consultant - Internal Audit

Our Internal Audit practice supports leading financial institutions in Luxembourg in strengthening their IT governance, internal control frameworks, and digital risk management capabilities.

Within a fast-evolving regulatory and technological environment, we assist Boards, Authorized Management, CIOs, CISOs, and Heads of Internal Audit in addressing regulatory expectations, enhancing operational resilience, and managing technology-related risks.

Join a dynamic and growing practice where innovation, collaboration, and professional excellence drive our ambition to become a leading Consulting & Advisory player in Luxembourg.

Your role:

As an IT Senior Consultant, you will play a key role in delivering IT Internal Audit engagements across the Luxembourg financial sector.

Your responsibilities will include:

• Leading and executing IT Internal Audit engagements covering IT General Controls (ITGC), application controls, IT governance, cybersecurity, and operational resilience.
• Supporting financial institutions (banks, asset managers, ManCos, AIFMs, payment institutions, PSFs) in strengthening their IT control environment and internal audit functions.
• Assessing compliance with Luxembourg and European regulatory frameworks including CSSF circulars, DORA, EBA Guidelines, ICT Risk Management and outsourcing regulations.
• Performing IT risk assessments, control design reviews, testing activities, maturity assessments, and remediation follow-ups.
• Acting as a trusted advisor to clients by translating complex IT risks into pragmatic business recommendations.
• Managing day-to-day delivery of engagements, monitoring timelines, and ensuring high-quality outputs.
• Contributing to the development of Internal Audit methodologies and innovative service solutions.
• Coaching and mentoring junior consultants while fostering a collaborative team environment.
• Supporting business development initiatives through proposal preparation, client presentations, and market eminence activities.
• Collaborating with multidisciplinary teams across Risk Advisory, Cybersecurity and Regulatory Consulting practices.

Your profile:

• Master's degree in Information Systems, Computer Science, Cybersecurity, Engineering, Finance, or a related discipline.
• A maximum of 3 to 4 years of professional experience in IT Internal Audit, IT Risk Advisory, Technology Consulting, or External/Internal Audit, gained within a consulting firm or financial institution.
• Strong knowledge of IT control frameworks and standards such as COBIT, ISO 27001, NIST, COSO, and ITIL.
• Good understanding of Luxembourg regulatory expectations impacting IT environments (CSSF, DORA, ICT risk, outsourcing, operational resilience). PSD2 may be an added advantage.
• Ability to interact confidently with senior stakeholders including CIO, CISO, Internal Audit and Risk functions.
• Strong analytical mindset combined with business acumen and consulting attitude.
• Proven project coordination and team mentoring capabilities.
• Excellent written and verbal communication skills.
• Fluency in English is mandatory; French and/or German are strong assets.

We offer:

• Exposure to tier-1 financial institutions and complex IT risk environments in Luxembourg.
• A strong focus on personal development and professional growth, including continuous learning environment with structured training programs and certification support (CISA, CIA, CRISC, ISO 27001, CISSP).
• A dynamic, multicultural, and collaborative work environment with competitive remuneration and benefits.
• The advantages of working in a human-sized international firm that combines professional excellence with a commitment to societal impact as well as global reach with a personal and collaborative working culture.
• A young, energetic, and supportive team culture where your contribution is valued, and where you can make a tangible difference for both clients and the firm.
• The opportunity to contribute to international projects or work with cross-border teams, while your base will be in Luxembourg.