Officer (Focus on Information Systems & Technology Audit) - Internal Audit Department (DIA)

Officer (Focus on Information Systems & Technology Audit) - Internal Audit Department (DIA)

BSTDB - Black Sea Trade and Development Bank

Thessaloniki, Greece

Ref.No: 045
Division/Department: Internal Audit (DIA)
Position Type: Professional
Closing Date: 19-Dec-2025, 17:30 (Greece Time)
Appointment Type: Three-year fixed term appointment (internal candidates holding open ended appointments will retain their status if they apply)

Position Purpose

Under the supervision of the Director, Internal Audit Department (DIA), the incumbent is responsible for executing risk-based internal audits - including business analysis and IT audits - in line with the department’s approved annual Work Program. The role also involves conducting advisory assignments and providing recommendations to the Director, DIA on bank-wide matters to enhance risk management, control, and governance processes, contributing to the Internal Audit Department’s mission and strategic objectives. All audit activities must adhere to the Institute of Internal Auditors’ International Professional Practices Framework and other applicable professional standards.

Key Functions and Responsibilities

Under the supervision and guidance of the Director, DIA either directly or as assigned by him, the Officer shall:

• Prepare and execute risk-based internal audits — including business analysis and IT audits — to evaluate internal controls; the reliability and integrity of financial, managerial, and operational information and systems; operational efficiency; asset safeguarding; and compliance with applicable regulations, policies, and procedures;
• Conduct advisory assignments and provide recommendations to Director, DIA on bank-wide matters, including IT governance, cybersecurity resilience, systems integrity, digital risk management, and business analysis, to strengthen risk management, control, and governance processes in support of the department’s mission and strategic objectives;
• Prepare audit reports with actionable recommendations based on audit findings to improve the effectiveness and efficiency of audited areas;
• Support the “Follow-up” process for audit recommendations from internal and external auditors and the Audit Committee; in consultation with Director, DIA assess corrective actions and assist in preparing reports for Audit Committee and Board meetings, including ad hoc reports as requested;
• Review new and revised policies and procedures from a risk and control perspective (including business analysis and IT-related policies, such as systems access controls, data protection, incident response, and digital transformation initiatives) and provide relevant recommendations aiming at enhancing controls, strengthening information security, mitigating the identified risks and making processes more efficient and effective;
• Apply appropriate audit tools and international standards, including IT audit frameworks and best practices;
• Collect, organize, and analyze data from diverse sources to support audit conclusions;
• Maintain comprehensive knowledge of Bank policies and procedures, with emphasis on IT infrastructure, systems architecture, cybersecurity protocols, and digital governance, to effectively assess related risks and controls;
• Establish and maintain effective relationships with internal stakeholders across all levels and external partners, including auditors, consultants, and peers from other international financial institutions.

Competencies

• Professionalism: maintains a level of expertise and professional knowledge commensurate with the respective position and job description;
• Results Orientation: demonstrates ability for achieving results against an internal or external standard of excellence;
• Communication and interaction with impact: Transfers efficiently and effectively information and messages, wields effective tactics for persuasion;
• Client/stakeholder orientation – ensures appropriate service of high standard to internal and/or external customers and develops constructive and sustainable business/customer relationships;
• Teamwork: effectively cooperates with others aiming at the achievement of team objectives;
• Cultural sensitivity/Diversity: supports and promotes an environment that holds opportunities for all, regardless of race, gender, culture and age;
• Integrity: maintains standards of objectivity, independence and discretion. Behaves ethically and in consistency with institutional core values;
• Accountability: exhibits a strong sense of responsibility for one’s work and resulting consequences;
• Innovation and change: is open to and applies novel ideas and thinking to improve processes, methods, systems or services. Accepts and adapts to changes;
• Critical thinking: clarifies goals, examines assumptions, evaluates evidence, accomplishes actions, and assesses conclusions.

Required Knowledge, Skills and Experience

• First University degree or equivalent in internal auditing, economics, accounting, information systems or other related fields;
• Internationally recognized auditing certification, such as CIA, CISA or equivalent, etc. A post-graduate degree in internal auditing, IT audit or accounting may be considered in lieu of a professional certification;
• Knowledge of audit methodologies, risk management, and internal control frameworks (e.g. COSO);
• Excellent Command of English;
• Excellent working knowledge of Microsoft Office Packages, as well as other statistical and audit applications;
• Strong critical thinking and problem-solving skills;
• At least 5 years of relevant working experience in an Internal Audit Department, including hands-on experience in IT auditing of enterprise systems such as SAP, OpenText, Bloomberg, and SWIFT — focusing on system configurations, access controls, data integrity, transaction processing, and compliance with regulatory standards. Experience is preferably gained within a financial institution, bank, international audit firm, a regulatory supervisory authority, or a tax authority.

Desirable Knowledge, Skills and Experience

• Post-graduate degree or equivalent in internal auditing or accounting or information systems, preferably with a specialization in IT audit, cybersecurity, or enterprise systems;
• Knowledge of a Member State language;
• Knowledge of Computer Assisted Audit techniques;
• Demonstrated knowledge of SAP systems architecture and functionality, including understanding of core modules such as Finance (FI), Controlling (CO), Treasury, etc. Ability to assess system configurations, data flows, access controls, and integration points across SAP environments to identify risks, evaluate internal controls, and support audit and advisory activities;
• Experience in the region of the BSTDB’s operation;
• Experience in an international development financial institution;
• Professional integrity, ethics, and discretion in handling sensitive information;
• Ability to plan and organize work aligned with strategic goals;
• Detail-oriented with a strong focus on accuracy and quality;
• Rigorous analytical skills and results-oriented mindset;
• Effective communication and interpersonal skills.

For a candidate to participate in the competitive selection for this position, s/he must meet at least the following minimum requirements:

• Education: First-level University degree or equivalent in internal auditing, economics, accounting, information systems or other related fields; or a first-level University degree in any other area followed by a Master’s degree or equivalent in the above areas;
• Professional Qualification(s): Internationally recognized auditing certification, such as CIA, CISA or equivalent, etc. A post-graduate degree in internal auditing, IT audit or accounting may be considered in lieu of a professional certification;
• Experience: At least 5 years of relevant working experience in an Internal Audit Department, including hands-on experience in IT auditing of enterprise systems such as SAP, OpenText, Bloomberg, and SWIFT — focusing on system configurations, access controls, data integrity, transaction processing, and compliance with regulatory standards.

Application Procedure

In order for your application for the above vacancy to be considered valid, please:

1. Complete the BSTDB Application Form in full:
   • Provide an answer to EACH question (box). Please note that if no answer is provided to any of the questions (relevant box is left empty), the application will be disqualified;
   • If a question is not applicable to you, please insert “N/A” in the relevant box;
   • No additional documents (such as CVs) will be considered.
2. Send the completed BSTDB Application Form as an attachment to: recruit@bstdb.org (This email address is solely for submitting applications. Please do not send inquiries to this address).

Kindly include only the Reference Number of the vacancy you are applying for, along with your full name, in the subject line of your email.

Example: 045 John Smith

You will receive an automatic response that your application has been successfully received.

The closing date for applications is Friday, 19 December 2025 at 17:30 pm (Greece Time).

Only candidates selected for an interview will be contacted.