IT Auditor / IT Risk Advisor


Luxembourg City

Specialism / Function

Business Advisory

Entry Route

1-2 years

Position Type

Full Time Employment

Our Business Risk Services team provides internal audit and advisory services to a wide range of organisations in Luxembourg. As part of the BRS team, we provide services related to technology audit and risks. We help companies to manage their inherent risks supporting their business and strategic objectives. 

Key services include Internal Audit, Risk Management Facilitation, Corporate Governance Advisory, IT related missions, Special Reviews, Transformation Projects and Controls Based Investigations. 

We are currently seeking an IT Auditor / IT Risk Advisor to join our Luxembourg BRS team.



Grant Thornton’s Advisory professionals are combine flexibility and quality work, they provide value to clients and demonstrates leadership and entrepreneurship spirit.

The IT auditor/IT risk advisor is responsible for delivering a full range of IT audit and attest services to our clients, and as well as project and engagement management for multiple clients. Responsibilities include planning, directing, and completing IT internal audits, IT process control reviews, IT risk assessments, activities related to internal control projects (control reporting – e.g. ISAE3402 etc.), and external audit support; developing and supervising staff; and assisting in client management and practice development activities.



  • Work both autonomously and as part of a team to deliver high quality IT audit and IT risks assignments;
  • Help to implement performance improvement opportunities for clients by applying IT frameworks such as; COBIT; ISO27K; ITIL; etc;
  • Maintain professionalism and rapport with the client. Proactively interact with key client management to manage expectations, help ensure client satisfaction, meet client deadlines, and resolve any problems;
  • Assist partners/directors and senior management on proposals and business development calls;
  • Evaluate and test client-related business process and IT controls and identify areas of risk for each;
  • Apply current knowledge of IT trends and systems processes to identify security and risk management issues, as well as other opportunities for overall process improvement;
  • Gain comprehensive understanding of client operations, processes, and business objectives and utilise that knowledge on engagements;
  • Contribute to deliver high quality reports to senior management and audit committees, including reporting to the regulator (CSSF);
  • Adhere to the highest degree of professional standards and strict client confidentiality.



  • Bachelor's degree in Business or Information Technology-related filed;
  • One to Two years of progressive experience delivering internal IT audit services;
  • Information Security experience or information security training is required;
  • Other areas of expertise needed should include some of the following: access control software, security architecture and administration, Internet use/firewalls, network security awareness and enforcement, security policies and standards, operating systems (Windows, UNIX, AS400, etc.), databases and applications;
  • Experience performing IT risk assessments;
  • Good knowledge of IT Frameworks (COBIT, ISO27K, ITIL);
  • Ability to document testing in a highly detailed and exacting manner is expected;
  • Excellent verbal and written, skills are required;
  • Detail-oriented, able to Excellent analytical, organisational, and project management skills are expected;
  • Ability to think independently and be a thought leader, professional demean or, a can-do attitude and other qualities that include decisiveness, selfwork according to schedules and work plans, able to ask good questions and request help as needed;
  • Strong computer skills including proficiency in Microsoft Office Suite and audit preparation software;
  • Ability to work additional hours as needed and travel on a regular basis to clients as required;
  • Excellent computer software skills, including proficiency in Microsoft Office Suite applications, are expected;
  • Keen on gaining following certifications: CISA, CISSP, CISM, etc.



Please send your CV with the reference IT Auditor by email at

All applications will be treated as strictly confidential.


All personal data that will be collected from candidates as part of the recruitment process, will be processed in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), (Enforcement date: 25 May 2018). This among others means that they will only be processed based on one of the possible legal basis (as per Art. 6 of the GDPR), be it with the candidates’ consent or on the basis of an employment contract. This also means that personal data will not be retained for more than required by the GDPR or by applicable Luxembourg laws i.e. beyond completion of the recruitment process.

For more information, we encourage you to read our Privacy Notice. If you have any questions, please contact us at


Sound like you?

Apply now