Mambu is the SaaS banking engine powering innovative loan and deposit products, the lean alternative to cumbersome core banking systems. Helping clients to successfully start up business ventures, transform existing operations, launch new products and expand into new markets, Mambu provides financial institutions of all sizes with the agility to rapidly design, launch, service and scale their banking and lending portfolio.
We believe that a great company is built on great people. We are proud to have brought together incredibly bright minds to help make financial services ready for the 21st century. Our clients understand what it takes to succeed in a fully digital world and our team is a trusted partner in their endeavours.
To continue our success story we are looking for a skilled and enthusiastic Technical Auditor to join Mambu.
Internally, this role will involve supporting the Head of Technical Audit and Assurance in running technical audits across all Mambu entities and maintaining compliance with existing certifications and assurance programs. But internally is only half the story: this role will also support the maintenance of customers’ trust in Mambu’s cloud banking platform.
What you will work on:
- Support the Technical Assurance and Audit team in maintaining compliance with Mambu’s Technical Assurance Programs (ISO 27001 and SOC 1):
- Coordinate external certification and assurance audits
- Keep audit and assurance documentation up to date
- Educate staff members on existing Technical Assurance Programs and their requirements
- Prepare teams for external certification/assurance audits
- Ensure audit findings are recorded and support implementation or remediation measures
- Work closely with Product team to raise awareness of compliance requirements and ensure effectiveness of internal controls and Technical Assurance Programs:
- Plan and conduct internal audits based on Mambu’s annual audit plan and/or on-demand.
- Follow up and report on internal audit findings, support teams in implementing mitigation measures
- Develop the internal audit function at regional level - audit should not be a blocker for other teams, but rather help teams to understand the risks and mitigate them
- Own the technical audit roadmap, ensure new capabilities and platform comply with the requirements of assurance programs
- Build up and maintain technical audit role globally, as well as locally:
- Coordinate the local changes (e.g. from legislation, contracts, certifications) affecting Mambu’s Technical Assurance Programs to ensure compliance and consistency
- Be the contact person for questions and incidents related to Technical Assurance Programs
- Monitor implementation of non-standard contractual, legal and regulatory requirements
- Support Mambu customers to gain trust in Mambu’s control framework and Assurance Programs:
- Support external customers’ audits. Plan and coordinate on-site or remote audits
- Ensure external customer audit findings are addressed
- Respond to customer audit and due-diligence requests
- Support Disaster Recovery tests
- Support Customer teams to commit contractually only to implemented or planned controls:
- Educate pre-sales and legal teams in compliance topics
- Support the pre-sales team in the RFP process and review RFPs
What you need to have:
- Hands-on experience with information security and privacy compliance frameworks, controls and best practices, working either as an auditor or as an implementer, such as AICPA Trust Services Principles, PCI DSS, NIST, GDPR, HIPAA, SOX etc.
- At least one relevant professional certification including CPA, CISSP, CISA, GIAC, ISO 27001 Lead Implementer or Auditor.
- A strong technical background with an understanding of product development, SaaS or Cloud environments and platform infrastructure like APIs
- Risk management experience, i.e. Enterprise Risk Management (ERM), ISO 31000, ISO 27005 or similar standards
- Strong written and verbal communication skills in English
- Analytical, detail-oriented and creative problem-solving abilities
- Good organisational skills to manage changing priorities and ensure all tasks get addressed and expectations are met
- Proactive mindset with a drive to find and address root causes, e.g. 5 Whys analysis
- Able to work autonomously, both alone and in teams
It would be great if you also had:
- Experience performing audits as an auditor by planning workshops, examining records and documenting the findings, including follow up actions
- Worked within a technical role such as Product manager, Developer, QA or Security Officer.
- Performed risk assessment workshops, analysed those risks, produced a plan to mitigate them and helped deliver those changes.
- Experience maintaining a risk register
- Previously worked in an IT, SaaS or cloud provider as an internal auditor, compliance officer or technical program manager.
- Mambu has over 180 live deployments, helping to revolutionise financial services in more than 45 countries globally, and we're just getting started.
- Our clients include FinTech innovators, traditional banks, business and consumer lenders as well as P2P platforms who are all looking to grow and scale.
- We understand nothing ensures our customers' success more than a happy team, so Mambu is built on a culture of trust and a sense of ownership in everything we do.
- Mambu proactively takes the initiative to improve the industry for the better.