Head of IT Audit; f​/m​/d

Solaris is a tech company with a full German banking license. Our Banking-as-a-Service platform enables businesses to offer their own financial products. With our straightforward APIs, our partners can access and integrate a wide range of solutions such as digital banking, payments, cards, identification and lending services. As a market leader we are driven by bringing transformational change to the financial services industry.

We love what we do and we love our team. We are 500+ people from over 70 nationalities - a unique blend of techies, fintech enthusiasts, bankers and entrepreneurs from various industries. Our routines are built around genuinely valuing and exchanging different perspectives as well as actively sharing knowledge as we drive our business as a team. We believe and invest in personal growth.

As Head of IT Audit, you will lead our IT Audit function with group-level responsibility as part of the 3rd Line of Defense. You will shape and execute a risk-based IT audit plan across our entities and relevant institutes, identifying and assessing key technology and security risks, while ensuring full alignment with supervisory and regulatory expectations, including BAIT, MaRisk, KWG, IT-Grundschutz, and relevant ISO standards (e.g., ISO 27001).

• Represent the IT Audit department internally and externally (incl. regulators, Audit Committee, and key stakeholders).
• Provide disciplinary leadership of the IT Audit team, including staffing and capacity planning, coaching, and development.
• Own audit planning for IT Audit (risk assessment, annual plan, scoping, prioritization).
• Drive the continuous improvement of IT audit methodology and related internal audit processes (e.g., ToD/ToE approaches, reporting standards).
• Steer and monitor IT audits at both group and entity level; ensure timely delivery and high-quality outcomes.
• Manage and oversee external service providers supporting Internal Audit (IT-audit related), including performance, quality, and deliverables.
• Ensure quality assurance for IT audit work papers, reporting, and adherence to Internal Audit standards (IT-audit related).
• Independent preparation and conducting of IT audits, incl. drafting of audit reports and coordination with stakeholders.
• Participation in the review and assurance of the internal control system, compliance, security and efficiency of IT processes and systems.
• Follow up review of internal and external audit findings.
• Balance audit independence with constructive collaboration across IT, Risk, Compliance, and Operations.
• Translate complex IT risks into clear, actionable insights for the Board, Audit Committee, and regulators.

Depending on your level of experience, your responsibilities and scope of role will range. We don’t care much about fancy titles, but rather about real personal and professional development, as laid out in our learning framework. Let’s figure together out how you can contribute to our team.

• 7- 10 years in IT / IT risk / cybersecurity / audit, ideally in banking or fintech, including 5+ years in IT audit or a related consulting/audit environment with strong exposure to BAIT/MaRisk/KWG/ISO/IT-Grundschutz.
• Education degree in Business Informatics, Information Technology, Computer Science, Cyber Security, Information Security or similar field.
• First proven leadership experience leading, mentoring and guiding IT auditors.
• Experience as an IT auditor or IT risk consultant in auditing techniques (ToD and ToE).
• Familiar with COBIT, ITIL, ISO 27001, MaRisk, DORA, BAIT, PSD2, GDPR, NIST.
• Technical Competencies in Core banking systems, cloud-based infrastructures, API-driven platforms.
• Experience with regulator interactions, audit committees, and board-level reporting.
• Deep understanding of threats, incident management, encryption, identity & access management, GDPR compliance.
• Ability to align IT audit plans with the bank’s risk appetite and growth strategy.
• Familiarity with outsourcing/vendor risk management in financial services.
• Regulatory & Risk Knowledge with a strong grasp of EBA, MaRisk, ECB guidelines, especially regarding IT risk, outsourcing, and cloud usage in banking.
• Good understanding…