
IT Infrastructure & Systems Internal Auditor
SumUp is looking for an IT security-focused Internal Auditor to join its Global Internal Audit team, part of the wider G&A / GRC function, reporting directly to the Global Head of Internal Audit. The team protects SumUp's integrity, supports regulatory compliance, and strengthens trust with the Board, Audit Committee, and regulators. You'll be the go-to expert for technology-focused audits, helping shape how IT risks, controls, and governance are assessed across a fast-scaling global fintech. The role is office-first, based in the Covent Garden, London office.
Stack
Responsibilities
- ▹Plan and execute IT internal audits in line with the annual audit plan
- ▹Assess IT general controls, security, governance, and risk management frameworks
- ▹Prepare clear, insightful audit reports and present findings and recommendations to senior stakeholders
- ▹Use data analytics to improve audit efficiency, sample testing, and risk identification
- ▹Support ad-hoc audit projects and regulatory-related reviews
- ▹Contribute to the continuous improvement of internal audit methodologies, frameworks, and templates
- ▹Build strong relationships across the business and promote a proactive internal controls culture
- ▹Conduct targeted audits of AWS security standards and access controls, ensuring credit card data in cloud services is adequately protected
- ▹Perform risk-based reviews of payment products and embed security requirements throughout the development lifecycle
- ▹Identify anomalies or excessive privileges across different systems and payment platforms
Requirements
- ▹Minimum 4 years' experience in IT / Internal Audit within a regulated financial services environment
- ▹Strong knowledge of audit standards, risk management, and internal controls
- ▹Experience auditing IT controls and frameworks such as COBIT, ISO 27001, PCI DSS, ITIL, NIST, GDPR
- ▹Practical exposure to areas like data security, cloud architecture, disaster recovery, security operations, or network infrastructure
- ▹Advanced data analytics skills
- ▹Professional-level English (written and spoken)
Nice to have
- ▹Professional certifications such as CIA, CISA, CPA
- ▹Additional IT/security certifications (CISSP, CISM, CRISC, ISO 22301, or similar)
- ▹Experience with audit-related data analytics tools
Soft skills
What we offer
- ▹VSOP programme (a stake in SumUp's success)
- ▹28 days of paid leave, plus bank holidays and special leaves
- ▹Vitality health cover, including optical and dental
- ▹Salary-sacrifice commuter benefits via Gogeta
- ▹Retirement scheme (SumUp matches 7% when you contribute 5%)
- ▹Life insurance from MetLife for 2x your salary
- ▹Break4me: 1-month sabbatical after 3 years of service
- ▹Referral bonus
About the company
SumUp believes in the everyday hero, creating powerful, easy-to-use financial solutions to help small business owners run their businesses. With a founder's mentality and a team-first attitude, its diverse teams across Europe, South America and the United States support small business owners in succeeding at what they love.