Responsibilities
1. Own and evolve the ISO 27001:2022 ISMS and policy framework.
2. Lead DORA implementation across ICT risk governance, incident reporting, and third-party oversight.
3. Map and align controls with international standards (CFTC, MAS TRM).
4. Conduct ICT risk assessments and report residual risks to senior leadership.
Engineering & Operations
5. Guide product teams on secure architecture and zero-trust principles.
6. Define and improve technical controls (, vulnerability management, access control).
7. Manage and optimize security tooling (threat intelligence, IDS, deception platforms).
Detection & Response
8. Oversee the full incident response lifecycle in line with NIST and regulatory expectations.
9. Continuously assess the threat landscape and drive improvements.
10. Coordinate tabletop and purple-team exercises.
People & Culture
11. Deliver engaging security awareness training across departments.
12. Support audits, RFPs, and due diligence processes with clients and partners.
Your Profile
13. Degree in Computer Science or related field.
14. 5+ years in IT security; certifications such as CISSP, CISM, CRISC, or ISO27001 Lead Implementer/Auditor are a plus.
15. Experience with security certifications (ISAE3402, SOC1/2, ISO2700x) and regulatory compliance.
16. Strong analytical and communication skills; able to explain complex topics clearly.
17. Fluent in English (C1+); German (B2+) is desirable.
18. Self-driven, adaptable, and eager to learn.
What's Offered
19. Clear career development path and regular performance reviews.
20. Opportunities to rotate across development teams based on interests and skills.
21. Access to internal academy and learning resources.
22. Centrally located Frankfurt office with hybrid work model.
23. Social events and a collaborative, international team culture.
Job ID PR/555342