
Information Security Officer

Company: Moonfare
Seniority: Midweight
Model: Hybrid
Sector: Fintech
Salary: Undisclosed
Contract: Full-Time

About the role

As an Information Security Officer, you will be a central figure in our journey to become a BaFin-regulated entity. As part of the 2nd line of defence, you will lead all information security and relevant Governance, Risk, and Compliance (GRC) initiatives. Your primary objective will be to ensure our information security posture is robust, compliant with German and EU regulations, and aligned with our business goals.

What you'll do

  • Lead the company's efforts to achieve and maintain compliance with key information security regulations, including BaFin requirements, DORA, and NIS2.
  • Develop, implement, and maintain the Information Security Management System (ISMS) in accordance with ISO 27001 and other relevant standards.
  • Conduct comprehensive risk assessments and work with control functions to monitor and report on risk mitigation activities.
  • Provide expert guidance to internal teams on information security policies, procedures, and best practices.
  • Oversee internal and external security audits to ensure we meet our compliance goals.
  • Act as the primary point of contact for all information security matters within the licensed entity.
  • Promote continuous employee awareness of Information Security and Data Protection topics.

What you'll need

  • Proven experience in a similar Information Security role, preferably within the finance or FinTech industry in the EU, with specific experience in the DACH region.
  • Deep understanding and practical experience with German security regulations and BaFin requirements.
  • Expert knowledge of information security frameworks and regulations such as ISO 27001, DORA, and NIS2.
  • Experience in developing, maintaining, and implementing an ISMS, leading to successful certification (e.g., ISO 27001).
  • A background in Software Engineering or Computer Science is beneficial.
  • Industry-recognized certifications such as CISM, CISA, ISO 27001 Lead Auditor/Implementer, or SANS/GIAC certifications (e.g. GSLC, GISP) are highly desirable.
  • Excellent communication skills with full professional proficiency in English; working proficiency in German is desirable.

What they offer

  • Individual growth budget of €1,500 or 2% of your base salary (whichever is higher)
  • Company pension scheme with 20% employer contribution
  • 25 vacation days plus one additional day per year up to 30 days maximum
  • Free lunch every day in Berlin office
  • Subsidised Deutschland job ticket for public transport
  • Subsidised Urban Sports Club membership