Unternehmensbeschreibung
About Finanzen.net Group
Finanzen.net Group is an innovative FinTech company that supports both private and professional investors in making informed investment decisions.
The group includes:
* finanzen.net – one of the leading financial information portals in the DACH region
* finanzen.net ZERO – a neobroker offering low-cost and secure trading of securities
* TraderFox – a provider of financial information and trading tools for professional investors and those aspiring to become one
Our Vision
We strive to be the best partner for our customers on their investment journey.
Growth and Acquisition
At the beginning of 2025, the Finanzen Group was acquired by Inflexion, a leading European private equity firm in the mid-cap segment. Inflexion supports ambitious management teams in developing and scaling high-growth companies sustainably.
As part of the acquisition, the previously independent business units are being strategically integrated. This realignment, combined with the group's strong innovative capabilities, creates new growth opportunities to further strengthen its position as a leading investment platform.
Working With Us
To successfully implement our growth strategy and value creation program, we are looking for talented individuals who want to actively shape this transformation.
We value personal exchange: we work hybrid – three collaborative days at one of our hubs in Karlsruhe, Munich, or Berlin, and two days remote.
Stellenbeschreibung
You are responsible for leading and maturing our information security posture across the finanzen.net Group (Zero, Finnet, TraderFox). Operating at the intersection of cyber risk, regulatory compliance, and business enablement, this role demands both strategic vision and hands-on operational leadership. As a regulated financial services organisation under BaFin scrutiny, the CISO will build a security programme that meets the highest standards of resilience; transforming our current baseline into a mature, risk-driven security capability that supports our ambitions in Neo-Brokerage and digital finance.
Core Responsibilities
Security Strategy & Governance:
* Shape and drive the Group-wide security strategy
* Turn regulatory requirements into clear priorities
* Close key gaps across assets, vulnerabilities, and third parties
Risk Management & Compliance:
* Build and run a DORA-aligned ICT risk framework
* Create transparency across risks and controls
* Report clearly to senior leadership and the board
Vulnerability & Threat Management:
* Roll out vulnerability management across the Group
* Reduce critical findings and remediation backlog
* Improve detection through stronger SIEM capabilities
Endpoint & Identity Security:
* Expand endpoint protection and MFA coverage
* Improve device health and security visibility
* Enforce consistent controls across all entities
Security Awareness & Developer Enablement:
* Build a stronger security-first culture
* Increase awareness training completion
* Enable developers through secure coding and champions
Incident Response & Assurance:
* Lead incident response and post-incident reviews
* Run regular backup and response tests
* Anchor assurance activities in daily operations
Third-Party & Supply Chain Risk:
* Strengthen third-party risk management
* Raise due diligence standards for vendors
* Reduce supply chain risk across the Group
Qualifikationen
Security Leadership & Regulatory Expertise
* Proven leadership in information security, ideally in regulated financial services or FinTech
* Strong knowledge of DORA, GDPR, BaFin, and common control frameworks such as CIS, ISO 27001, and SOC 2
* Experience leading audits, assessments, and regulatory reviews
Security Programme & Risk Management
* Track record of building structured, risk-driven security programmes
* Experience improving security maturity in complex or fast-growing environments
* Strong understanding of vulnerability management, remediation workflows, and risk reporting
Stakeholder Management & Execution
* Able to communicate security risks clearly to Board and senior stakeholders
* Strong cross-functional influence across Engineering, IT, Legal, and Compliance
* Proven ability to roll out security processes with measurable impact
Technical & Operational Expertise
* Solid understanding of security architecture across endpoints, identity, networks, and cloud
* Hands-on experience with SIEM, EDR/XDR, vulnerability scanning, and asset management tools
* Good awareness of AI-related security risks and secure AI adoption in regulated environments
Zusätzliche Informationen
You’ll join a modern work environment with over 250 colleagues, shaped by trust, flexibility, and genuine collaboration. You’ll work in a hybrid setup and use our office hubs in Karlsruhe, Munich or Berlin; complemented by up to 15 days of “workation” within the EU per calendar year.
We actively support your personal and professional development through training, seminars, and conferences in the dynamic fintech and stock/financial sector. We place great importance on an open, collaborative atmosphere, team spirit, and shared success.
You can also expect the following benefits:
* Modern office hubs & hybrid working
* Training and development opportunities in financial markets/investing
* Regular team events & a strong company culture
* Health & mobility benefits (bike leasing, public transport subsidy)
* Attractive financial benefits & additional perks
* An environment where you can contribute, grow, and feel comfortable