About Finanzen.net Group

Company Description

Finanzen.net Group is an innovative FinTech company that supports both private and professional investors in making informed investment decisions.

The Group Includes
- finanzen.net – one of the leading financial information portals in the DACH region
- finanzen.net ZERO – a neobroker offering low-cost and secure trading of securities
- TraderFox – a provider of financial information and trading tools for professional investors and those aspiring to become one

Our Vision
We strive to be the best partner for our customers on their investment journey.

Growth and Acquisition
At the beginning of 2025, the Finanzen Group was acquired by Inflexion, a leading European private equity firm in the mid-cap segment. Inflexion supports ambitious management teams in developing and scaling high-growth companies sustainably.

As part of the acquisition, the previously independent business units are being strategically integrated. This realignment, combined with the group's strong innovative capabilities, creates new growth opportunities to further strengthen its position as a leading investment platform.

Working With Us
To successfully implement our growth strategy and value creation program, we are looking for talented individuals who want to actively shape this transformation.

We value personal exchange: we work hybrid – three collaborative days at one of our hubs in Karlsruhe, Munich, or Berlin, and two days remote.

Job Description

You are responsible for leading and maturing our information security posture across the finanzen.net Group (Zero, Finnet, TraderFox). Operating at the intersection of cyber risk, regulatory compliance, and business enablement, this role demands both strategic vision and hands-on operational leadership.
As a regulated financial services organisation under BaFin scrutiny, the CISO will build a security programme that meets the highest standards of resilience, transforming our current baseline into a mature, risk-driven security capability that supports our ambitions in Neo-Brokerage and digital finance.

Core Responsibilities

Security Strategy & Governance
- Shape and drive the Group-wide security strategy
- Turn regulatory requirements into clear priorities
- Close key gaps across assets, vulnerabilities, and third parties

Risk Management & Compliance
- Build and run a DORA-aligned ICT risk framework
- Create transparency across risks and controls
- Report clearly to senior leadership and the board

Vulnerability & Threat Management
- Roll out vulnerability management across the Group
- Reduce critical findings and remediation backlog
- Improve detection through stronger SIEM capabilities

Endpoint & Identity Security
- Expand endpoint protection and MFA coverage
- Improve device health and security visibility
- Enforce consistent controls across all entities

Security Awareness & Developer Enablement
- Build a stronger security-first culture
- Increase awareness training completion
- Enable developers through secure coding and champions

Incident Response & Assurance
- Lead incident response and post-incident reviews
- Run regular backup and response tests
- Anchor assurance activities in daily operations

Third-Party & Supply Chain Risk
- Strengthen third-party risk management
- Raise due diligence standards for vendors
- Reduce supply chain risk across the Group

Qualifications

Security Leadership & Regulatory Expertise
- Proven leadership in information security, ideally in regulated financial services or FinTech
- Strong knowledge of DORA, GDPR, BaFin, and common control frameworks such as CIS, ISO 27001, and SOC 2
- Experience leading audits, assessments, and regulatory reviews

Security Programme & Risk Management
- Track record of building structured, risk-driven security programmes
- Experience improving security maturity in complex or fast-growing environments
- Strong understanding of vulnerability management, remediation workflows, and risk reporting

Stakeholder Management & Execution
- Able to communicate security risks clearly to Board and senior stakeholders
- Strong cross-functional influence across Engineering, IT, Legal, and Compliance
- Proven ability to roll out security processes with measurable impact

Technical & Operational Expertise
- Solid understanding of security architecture across endpoints, identity, networks, and cloud
- Hands-on experience with SIEM, EDR/XDR, vulnerability scanning, and asset management tools
- Good awareness of AI-related security risks and secure AI adoption in regulated environments

Additional Information

You'll join a modern work environment with over 250 colleagues, shaped by trust, flexibility, and genuine collaboration. You'll work in a hybrid setup and use our office hubs in Karlsruhe, Munich or Berlin, complemented by up to 15 days of "workation" within the EU per calendar year.

We actively support your personal and professional development through training, seminars, and conferences in the dynamic fintech and stock/financial sector. We place great importance on an open, collaborative atmosphere, team spirit, and shared success.

You Can Also Expect The Following Benefits
- Modern office hubs & hybrid working
- Training and development opportunities in financial markets/investing
- Regular team events & a strong company culture
- Health & mobility benefits (bike leasing, public transport subsidy)
- Attractive financial benefits & additional perks
- An environment where you can contribute, grow, and feel comfortable