Internal Audit

IDnow is a leader in digital identity and fraud prevention in Europe with a mission to transform trust into the most powerful asset in the digital world, empowering enterprises with AI-driven, SaaS-based identity solutions that deliver scalable security, adaptive compliance, and real-time fraud prevention. Through its broad portfolio of digital identity and fraud prevention solutions, IDnow establishes, maintains and enriches trust throughout the customer journey, ensuring businesses can confidently and securely operate while leveraging digital identity to drive growth, security and scalability.

The company has offices in Germany, United Kingdom, Romania and France, and is backed by renowned institutional investors, including Corsair Capital and Seventure Partners. Its portfolio of international clients spans a wide range of end markets including financial services, telecommunications, travel & mobility, gaming, and other industries.

This position is based in Rennes, France.

As an Internal IT Auditor, you will plan and execute audits across IDnow's systems, products and supporting processes, as well as managing customer and certification audits. You will evaluate the effectiveness of internal controls, identify risks and improvement opportunities, and work closely with stakeholders in Engineering, Security, Product, Operations and Business functions.

You will be part of a small, hands‑on Internal Audit team, reporting to the Head of Audit, and contribute directly to the continuous improvement of information security management system.

• Plan and deliver internal IT audits: Scope, design, and execute IT audits covering infrastructure, applications, cloud environments, data protection, and IT operations. Perform walkthroughs, control testing, and substantive procedures in line with defined audit methodologies and standards.
• Support external and customer audits: Prepare and coordinate evidence and responses for external audits (e.g. ISO27001, SOC reports, regulatory or supervisory reviews). Support customer audits and due diligence by providing structured responses, documentation and follow-up on agreed actions.
• Manage and follow up on audit findings: Document audit observations, root causes, risks and recommendations in a clear and structured way. Agree action plans with process and control owners; track remediation and
  retest implemented measures. Contribute to management reporting on audit results, themes and remediation status.
• Risk assessment and advisory: Assess IT and security risks related to new projects, systems, and process changes. Provide practical recommendations that balance risk, regulatory expectations and business needs.  Share insights and lessons learned to help strengthen our overall control environment.
• Stakeholder communication and collaboration: Communicate audit scope, approach, findings and recommendations in a concise, business-friendly manner. Build strong working relationships with stakeholders across Technology, Security, Operations, Finance and Compliance. Support the Head of Audit in preparing materials for management and governance committees as needed.

• 3+ years of experience in IT audit, technology risk, information security, or a similar role (internal audit, Big 4/consulting, or regulated industries is a plus).
• Degree in Computer Science, Information Systems, Business, or a related field; relevant certifications (e.g. CISA, CISM, CRISC, CIA) are a plus but not mandatory
• Solid understanding of IT general controls (ITGCs), application controls and common frameworks/standards (e.g. ISO 27001, SOC 2, COBIT, ITIL, GDPR).
• Familiarity with French digital identity and security regulations (e.g. PVID, RGS) and their implications for IT controls and audit requirements is a strong plus.
• Experience applying audit methodologies end-to-end: planning, risk assessment, control testing, documentation, reporting and follow-up.
• Ability to analyse complex IT environments (on-prem, cloud, SaaS) and assess risks across infrastructure, applications, interfaces and data flows.
• Strong skills in reporting and documentation: you can structure arguments logically, write clear reports and maintain clean audit files.
  
• Good communication skills, attention to detail and strong ownership.
• Fluent English and fluent French are required. Knowledge of German is a plus.

Nice-to-have

• Experience with cloud environments, ideally AWS, including understanding of cloud-specific controls and risks.

• Health & Wellbeing: Use your full access to the mental health platform nilo, including 1on1 sessions.
• We value personal and professional development: make full use of Udemy, our training platform with 24/7 access and unlimited content/course consumption incl. certification.
• We make your remote work comfy: we provide support on equipment and offer flexible working hours.
• We value collaboration & love to come together: regular onsite gatherings, internal initiatives and summer parties to connect outside of work.
• May your family require your attention or other reasons apply: use the benefit of our paid special leave days.
• Enjoy the possibility to combine work with a longer stay at your holiday destination or extend a weekend with our Workcation possibilities.
• In addition to the perks & benefits above, we offer specific benefits that differ between our locations.*

IDnow applies the principles of non-discrimination and equality: We strive to establish, maintain, and promote an open and inclusive recruitment process and working environment by respecting the principles of equal opportunities. Including but not limited to: sex, race or ethnic origin, religion or convictions, gender identity, citizenship, marital status, disability, age, or sexual orientation.