Internal IT Auditor (Regulated Fintech)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Deriv is seeking an experienced Internal IT Auditor to conduct technology risk-based regulatory audits across banking, virtual assets, and investment services.
Key Skills for This Role
Responsibilities
- Evaluate internal technology controls across IT governance, system security, and data protection to ensure regulatory compliance
- Conduct rigorous IT audits across regulated banking, VASP, and investment service entities
- Audit specialized core systems including banking platforms, VASP wallets, cryptographic key management, and algorithmic trading systems
- Identify security and compliance vulnerabilities and proactively highlight areas for improvement
- Track global tech regulation standards (ISO 27001, SOC 2, DORA) to stay ahead of international technology risk developments
- Collaborate with internal engineering and InfoSec teams to ensure technical controls are integrated into daily workflows
- Report tech risk audit findings and cyber posture insights to senior management and audit committees
- Drive IT remediation plans to completion to minimize risk of technological failure or non compliance
Requirements
- 5+ years in IT audit or technology compliance
- Deep understanding of IT regulatory frameworks (e.g., DORA, ISO 27001, SOC 2)
- Proven experience auditing cloud environments (AWS/GCP), containerized systems (Kubernetes/Docker), IAM, encryption standards, or blockchain tech
- Degree in CS, Cybersecurity, or IT
- CISA certification
- CRISC, CISM, or CISSP are big pluses
- Excellent spoken and written English
- Analytical and highly collaborative
Full Job Posting
Overview
- You’ll focus on technology, information security, and IT governance audits across regulated business entities—spanning banking, virtual assets (VASPs), and investment services.
- You’ll conduct technology risk based regulatory audits, identify infrastructure vulnerabilities, and embed robust technical controls into operations.
Why this matters
- Your IT audit work across our regulated entities ensures our infrastructure, DevOps pipelines, and core platforms stand up to intense regulatory scrutiny and cybersecurity threats.
- Your foresight and strategic insights directly determine whether our high growth products stay online, secure, and compliant in a heavily regulated global market.
Why Deriv
- Audit cutting edge tech: cloud environments (AWS/GCP), containerized applications (Kubernetes/Docker), algorithmic trading systems, VASP wallets, and cryptographic key management.
- Partner closely with Engineering and InfoSec to foster a culture of risk awareness and ensure robust IT controls are built into daily operations.
- Master complex global regulations like DORA, local banking IT guidelines, and virtual asset technology requirements across multiple jurisdictions.
What You'll Do
- Evaluate internal technology controls across IT governance, system security, and data protection to ensure regulatory expectations are met.
- Conduct rigorous IT audits across regulated banking, VASP, and investment service entities.
- Audit specialized core systems including banking platforms, VASP wallets, cryptographic key management, and algorithmic trading systems.
- Identify security and compliance vulnerabilities and proactively highlight areas for improvement.
- Track global tech regulation standards (ISO 27001, SOC 2, DORA) to stay ahead of international technology risk developments.
- Collaborate with internal engineering and InfoSec teams to ensure technical controls are integrated into daily workflows.
- Report tech risk audit findings and cyber posture insights directly to senior management and audit committees.
- Drive IT remediation plans to completion to minimize risk of technological failure or non compliance.
Who You Are
- 5+ years in IT audit or technology compliance, ideally in regulated fintech, banking, investment services, or VASP environment.
- Deep understanding of IT regulatory frameworks, cybersecurity mandates, and frameworks like DORA.
- Strong technical auditing skills with proven experience auditing cloud environments (AWS/GCP), containerized systems (Kubernetes/Docker), IAM, encryption standards, or blockchain tech.
- Certified professional with a degree in CS, Cybersecurity, or IT, backed by a CISA certification (CRISC, CISM, or CISSP are big pluses).
- Analytical and highly collaborative, able to dissect complex technical architectures and present actionable insights.
- Clear communicator with excellent spoken and written English and integrity to handle sensitive compliance matters.
The Honest Reality
- You will be auditing complex, fast evolving systems across multiple regulated environments where the compliance landscape is constantly shifting.
- You'll need to keep pace with everything from traditional banking regulations to cutting edge blockchain tech, and have the confidence to challenge engineering setups when necessary.
- The work demands absolute rigor and high technical depth. In return, you’ll gain unparalleled, future proof IT audit expertise across the cutting edge of fintech, crypto, and global banking.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Deriv
Senior Regulatory Compliance Executive
Dubai, UAE
Deriv seeks a Senior Regulatory Compliance Executive to manage compliance for entities in investment services, banking, and virtual assets. You will conduct compliance monitoring, gap analyses, manage licensing with CMA
Senior Offensive Security Engineer
Dubai, UAE
Deriv is hiring a Red Team Lead/Operator to lead offensive security operations across infrastructure, applications, cloud, and people. The role involves full-kill-chain red team engagements, social engineering, cloud and
Senior SOC Analyst
Dubai, UAE
Deriv is hiring a Senior SOC Analyst to proactively hunt threats, build detections, and own incident response end-to-end. The role requires deep expertise in EDR, cloud security, and malware analysis, with a focus on aut
Senior Data Analyst
Dubai, UAE
Deriv is hiring a Senior Data Analyst to transform complex datasets into actionable insights, shape products, and drive business growth. The role requires 5+ years of experience, strong SQL and Python/R skills, and exper
Senior Account Executive
Dubai, UAE
Deriv is looking for an early-career finance professional to join its Trading Finance team in Dubai. You will prepare journal entries, reconciliations, support month-end close, and work with regulated entities. This role
Senior Specialist - Taxation
Dubai, UAE
Deriv is seeking a Senior Tax Specialist to own multi-jurisdiction tax compliance, tax accounting, transfer pricing, and automation. Requires 12-15 years tax experience with strong foundation in corporate income tax acro
Senior Data Engineer
Dubai, UAE
Deriv is looking for a Senior Data Engineer to build reliable data infrastructure powering trading decisions, product analytics, compliance, and AI/ML systems. You will own data accuracy end-to-end, design governed pipel
IT Operations Engineer
Dubai, UAE
Deriv is looking for an IT Operations Engineer to maintain and automate IT infrastructure across global offices. The role involves managing endpoints, networking, and automation, with opportunities to grow into security,
Senior Regulatory Compliance Executive
Dubai, UAE
Senior Offensive Security Engineer
Dubai, UAE
Senior SOC Analyst
Dubai, UAE
Senior Data Analyst
Dubai, UAE
Senior Account Executive
Dubai, UAE
Senior Specialist - Taxation
Dubai, UAE
Senior Data Engineer
Dubai, UAE
IT Operations Engineer
Dubai, UAE