About the Role
Role overview
As a key member of our team, you will support the Chief Information Security Officer by executing day-to-day activities across governance, risk and compliance, and technical security domains. The role helps ensure consistent security controls, reliable evidence for audits and customer questionnaires, and coordination with IT Operations, DevOps, and product teams.
Key responsibilities
1. Maintain and curate security evidence in SharePoint (policies, procedures, standards, control evidence, audit artefacts).
2. Support customer due diligence questionnaires.
3. Assist with information security risk identification and assessment activities, including capturing risks, controls, and actions in the relevant register.
4. Support policy lifecycle tasks (drafting updates, collecting feedback, publishing, tracking acknowledgements).
5. Coordinate with technical teams to collect artefacts needed as evidence, and support vulnerability management, penetration testing logistics, and incident management documentation as needed.
Working arrangements
Standard office-hours schedule (no shift work). Hybrid working model. The role is not an on-call position. Occasional flexibility may be required for time-sensitive assurance requests or major incidents.
Who you are
Experience and qualifications
6. 5+ years in information security, IT risk, compliance, or a related assurance role.
7. Working knowledge of security frameworks (ISO/IEC 27001/27002, BSI Grundschutz, NIST CSF or similar).
8. Familiarity with regulated environments and operational resilience expectations (DORA awareness).
9. Comfortable working with Microsoft 365 (Teams, SharePoint) and issue tracking (Jira).
10. Basic understanding of cloud and on-prem security controls (identity, network, endpoint, logging).
11. Bachelor’s degree or equivalent experience.
12. Certifications such as ISACA CRISC and ISO 27001 Lead Implementer are desirable.
13. English business fluent. German language skills are an advantage.
Soft skills and ways of working
14. Strong communication skills, with the ability to engage confidently with senior stakeholders.
15. A pragmatic and resilient mindset, able to stay effective in a lean, evolving environment with tight timelines, competing demands, and changing priorities.
16. Sound judgment and common sense, including the confidence to challenge assumptions, spot gaps, and focus on what is genuinely important.
17. Comfort working with incomplete inputs or imperfect processes, combined with the motivation to improve them.
18. Openness to modern tools and ways of working, including a practical attitude toward AI‑enabled productivity, while applying appropriate critical thinking and oversight.
19. Experience in environments such as fintech, software, technology, or broader financial services is helpful.
Our offer
Health & wellness: Benefit from wellbeing initiatives tailored to local needs, including access to an employee assistance programme that provides confidential support to employees and their families.
Holiday: Enjoy competitive holiday entitlement aligned with local markets, so you can rest and recharge.
Pension: Plan for your long-term financial wellbeing through our pension scheme, supported by employer contributions.
Remote work: Enjoy the opportunity to work two days a week from home, with flexible working hours where possible. You may also request to work up to four weeks per year from a different location.
Learning & development: Support your career progression with access to learning resources, ongoing conversations with your manager, and opportunities to share the knowledge you gain with your team.
Culture & impact: Be part of an international team with a startup mindset and play a key role in making a meaningful impact.
Our offices: Work from Europe’s leading financial centres and be at the heart of where finance happens.
Additional notes
All candidates selected for employment are subject to Pre-Employment Screening. This process includes professional reference and background checks conducted by our third-party partner, ZINC. These screenings are part of our commitment to ensuring a secure, compliant, and trustworthy workplace.
We kindly ask that you submit your CV in English.