Principal, Internal Auditor

The Principal, Audit Manager (IT) leads and coordinates a range of audit activities – including assurance, advisory, and change audits – across multiple business functions. By applying strong influencing, communication, and relationship-building skills, they secure stakeholder engagement and support high-quality, effective audit delivery. They convey complex audit issues with clarity, tailoring messages for diverse and senior audiences, and establish constructive relationships that enable open dialogue and collaboration. Operating with a high degree of autonomy, they guide multidisciplinary audit teams, including guest auditors and co-sourced staff, providing direction and feedback to ensure high-quality outputs. The role requires sound judgement and the ability to navigate complex and sensitive situations with diplomacy, helping shape outcomes supporting strong governance and effective risk management. This position focuses on audits relating to the EBRD’s Transformation Group and Chief Transformation Office, covering IT applications, infrastructure platforms and related processes, project and programme assurance, as well as coverage of business resilience, physical security, information security, and third-party risk management, though not exclusively.

The Board of Directors established IAD as part of its oversight role. IAD, as a trusted independent third line of defence, and in accordance with the Institute of Internal Auditors’ International Professional Practices Framework, provides timely risk-based and objective assurance and advice to Executive Management and the Board of Directors on the adequacy and effectiveness of the EBRD's risk and control framework. IAD aspires to be a function of excellence, valued by stakeholders for insights and foresight, objective assurance and advice.

Accountabilities & Responsibilities

• Continuously monitors and assesses organisational, risk and control developments in their assigned portfolio of coverage ("business monitoring").
• Independently plans and executes audit engagements and business monitoring work with minimal supervision to the quality standards expected by the IIA.
• Effectively supervises multi-disciplinary teams, guest auditors and external consultants, and provides timely, open and constructive performance feedback.
• Takes accountability for all aspects of the end product, ensuring that work adheres to schedules and is completed to the required standard.
• Ensures timely and adequate monitoring and validation of open audit issues as assigned.

Other responsibilities

• Develops and manages open and constructive working relationships with stakeholders.
• Delivers engagements and activities in line with the Institute of Internal Auditors’ Global Internal Audit Standards, Code of Ethics, and related guidance.
• Proactively supports other departmental initiatives and deliverables as assigned, including developing annual work plans, regular reporting to the Board of Directors, ad hoc advisory engagements, and departmental improvements.
• Keeps abreast of relevant industry, professional and organisational developments to update risk assessments, inform audit coverage, and drive innovation and improvement in IAD practices.

Knowledge, Skills, Experience & Qualifications

• Academic/professional qualifications: University degree or equivalent, preferably a technology, data, maths, finance or business focus. Relevant professional qualification(s) relating to IT auditing, IT security, and/or IT risk management, such as CISA/CCSK/CISSP/CISM/ISO27001LA. Project and programme assurance and data analytics certifications are desirable additions.
• Experience: Demonstrable experience leading or managing internal audit engagements in a complex financial services or investment banking environment, including responsibility for supervising teams and delivering high‑quality risk‑based audit work. Experience engaging with senior stakeholders, including the ability to challenge constructively and influence outcomes in sensitive or complex situations. Post‑qualification experience across IT auditing and/or IT risk management, sufficient to provide authoritative insight into assigned activities, preferably with experience in project and programme assurance. Familiarity with frameworks such as NIST CSF and Swift CSCF is desirable. Proven ability to work across diverse business areas and risk topics, quickly developing an understanding of new technologies, processes, and risks.
• Technical and personal skills: Exceptional verbal and written communication skills, with the ability to articulate complex audit issues clearly and concisely to senior and diverse audiences in complex political environments. Strong influencing and negotiation capability, with a track record of building constructive relationships, securing cooperation, and gaining stakeholder buy‑in across business units. Demonstrated ability to manage sensitive discussions with diplomacy and sound judgement, promoting openness and productive dialogue.
• Strategic and analytical capability: Strong analytical and critical thinking skills, including the ability to assess risks, evaluate controls and interpret complex information to form balanced, well‑reasoned conclusions. Ability to apply data‑driven analysis and digital tools in audits to enhance insights and coverage. Mature strategic thinking, with the capacity to recognise thematic issues, align work to organisational priorities, and translate strategy into practical audit delivery.
• Technical audit expertise: Solid grounding in internal audit methodology, including risk assessment, control evaluation, sampling, evidence analysis, mature root cause assessment and report writing to IIA standards. Ability to innovate and apply professional judgement to resolve complex, ambiguous or novel audit challenges.
• Working style and behaviours: Effective team leader in a matrix environment, motivating multidisciplinary teams – including guest auditors and co‑sourced resources – to deliver high‑quality outputs to agreed timelines. Demonstrates resilience, adaptability and self‑management, maintaining performance under pressure and adjusting to evolving priorities. Champions the EBRD’s Behavioural Competencies: Collaborate Smartly, Speak Up and Listen Well, Simplify to Amplify, and Act Decisively.

What is it like to work at the EBRD?

Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people’s lives and help shape the future of the regions we invest in. At EBRD, our Values – Inclusiveness, Innovation, Trust, and Responsibility – are at the heart of how we work. We bring these to life through our Workplace Behaviours: listening well and speaking up, collaborating smartly, acting decisively with full commitment, and simplifying to amplify our impact. These principles shape our culture and define our success. We seek individuals who not only share these values but are also committed to embedding them in their daily work, fostering a positive and high‑performing environment.

The EBRD environment provides you with:

• Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in.
• A working culture that embraces inclusion and celebrates diversity. Our workforce reflects a broad range of backgrounds, perspectives, and experiences, bringing fresh ideas, energy, and innovation and enhancing our ability to serve our clients, shareholders, and counterparties effectively.
• A hybrid workplace that offers flexibility to teams and individuals; that is based on trust, flexibility and connectedness.
• An environment that places sustainability, equality and digital transformation at the heart of what we do.
• A workplace that prioritises employee wellbeing and provides a comprehensive suite of competitive benefits.

Diversity is one of the Bank’s core values which are at the heart of everything it does. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, gender identity, sexual orientation, age, socio‑economic background or disability.