As an Information Security Manager, you will be responsible for securing tailored SaaS-based solutions and continuously developing the Information Security Management System (ISMS) in line with ISO 27001 and DORA requirements. You will work closely with senior legal stakeholders, report directly to executive management, and play a key role in influencing and driving the company’s overall security strategy.

This role is not designed for pure administrators. We are looking for individuals who take ownership, assume responsibility, and want to grow alongside a fast-moving, regulated technology organisation.

Key responsibilities

- ISMS Ownership: Lead, operate, and further develop the ISMS in accordance with ISO 27001, DORA, and additional regulatory requirements within the financial services environment.
- Management Reporting: Identify IT and security risks, conduct risk assessments, and prepare reports for senior management and relevant regulatory authorities.
- Audit Management: Perform internal self-audits and coordinate collaboration with external audit partners and internal audit functions.
- Resilience & Continuity: Initiate penetration tests for applications and ensure operational stability through a robust Business Continuity Management (BCM) framework.
- Security Culture: Act as a sparring partner to all teams and strengthen security awareness across the organisation through workshops and hands-on collaboration.

About the company (anonymised)

The company operates in the open finance / regulated technology space and supports organisations in securely accessing, analysing, and leveraging financial data. With a growing team across Europe and a broad client base including financial institutions and large platforms, the business provides highly regulated, secure access to financial data across the DACH region and beyond.

Your background

- Qualifications: A degree in law, business, information security, or a related field, combined with relevant professional experience in information security and risk management.
- Expertise: Strong practical experience with ISO 27001. Knowledge of MaRisk and initial hands-on exposure to DORA are highly desirable; support is provided to deepen expertise in these areas.
- Mindset: A strong hands-on mentality with analytical thinking, high ownership, and the ability to work independently in a dynamic environment where you can make a real impact.
- Languages: Professional fluency in German and English.

What’s offered

- The opportunity to actively shape security strategy within a leading regulated technology environment
- Flexible working hours and a hybrid setup, including guaranteed home office days
- 30 days of annual leave
- Budget for personal development, structured feedback, and transparent salary processes
- Monthly benefits budget (mobility, health, or lifestyle)
- Subsidised fitness and wellbeing programmes
- Public transport subsidy
- Modern, centrally located office with a positive working atmosphere
- A supportive, purpose-driven culture with experienced and committed colleagues