ICT GRC - Risk & Compliance Manager (fluent German required)
N26
Seniority: Midweight
Model: In-Office
Sector
Salary: Undisclosed
Contract: Full-Time
About the role
As an ICT GRC - Risk & Compliance Manager, you will play a pivotal role in shaping how we manage IT risks in an increasingly AI-driven financial landscape. You'll be at the forefront of risk management and compliance, ensuring our IT systems remain secure, resilient, and aligned with evolving regulations.
What you'll do
- Function as a key member of the bank's risk function (Second Line of Defense), reporting directly to the Deputy CISO and maintaining close collaboration with First Line of Defense teams on matters of ICT risk management
- Actively engage in the ICT Risk Management process, encompassing proactive risk assessment, analysis, treatment plan identification, mitigation, and ongoing monitoring
- Drive the maturity of the ICT Risk Management framework in adherence to the DORA act
- Proactively conduct risk assessments to identify ICT risks within the bank's IT infrastructure and propose appropriate mitigation strategies
- Collaborate with cross-functional teams, including product, technology, security, and other First Line of Defense teams, to identify and implement risk treatment plans
- Maintain the ICT risk register, ensuring the accuracy and completeness of ICT risks
- Leverage artificial intelligence tools and technologies to enhance risk management and compliance processes
- Facilitate regular meetings with key stakeholders to discuss risk status, challenges, and next steps, fostering a culture of continuous improvement and proactive risk management
What you'll need
- Bachelor's degree in Information Technology, Computer Science, Information Security, or a related field
- Minimum of 6 years of experience in IT risk management, information security, and compliance, preferably within the banking or financial services industry
- In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc.
- Strong understanding of IT infrastructure, network security, application security, and cloud security
- Excellent analytical and problem-solving skills, with the ability to identify and assess complex IT and information security risks
- Fluency in English required, as well as fluency in German
- Strong project management skills with the ability to manage multiple tasks and projects simultaneously
- Effective communication and interpersonal skills, with the ability to explain technical concepts to non-technical stakeholders
Nice to have
- Professional certifications such as CISA / CISM / CRISC, or equivalent are highly desirable
- Proficiency in using Enterprise GRC tools such as OneTrust / ServiceNow GRC and the ability to use AI-driven technologies for compliance and risk management is a plus
What they offer
- Competitive personal development budget and work from home budget
- Discounts to fitness & wellness memberships, language apps and public transportation
- Premium subscription on your personal N26 bank account plus subscriptions for friends and family
- Additional day of annual leave for each year of service
- High degree of autonomy and access to cutting edge technologies
- Relocation package with visa support for those who need it

