
ICT GRC - ICT Compliance Manager

N26

Seniority: Midweight
Model: Remote
Sector: Fintech
Salary: Undisclosed
Contract: Full-Time

About the role

You will be fully accountable for the design, implementation, and continuous improvement of our IT compliance framework. You will lead the compliance topic end-to-end, ensuring our IT systems and information security practices are robust, scalable, and aligned with evolving European and German regulatory requirements. You will act as the central authority for IT compliance within the 2nd Line of Defense, driving alignment across stakeholders and proactively steering regulatory readiness in a fast-changing environment.

What you'll do

  • Own the IT compliance framework within the 2nd Line of Defense, reporting to the Deputy CISO.
  • Define, maintain, and continuously enhance the target measure catalogue in alignment with internal security standards and regulatory requirements.
  • Lead independent second-line compliance assessments of the ISMS and ICT control environment.
  • Ensure full adherence to EU and German regulations (e.g., MaRisk, CSA, PSD3, DORA) and relevant industry standards (ISO 27001/27002, NIST, etc.).
  • Drive regulatory gap analyses and define strategic remediation roadmaps.
  • Own regulatory reporting related to ICT compliance and present progress, risks, and mitigation plans to senior stakeholders.
  • Design and implement AI-enabled compliance monitoring and automation initiatives.
  • Audit and challenge 1st line ICT processes and information domain controls for alignment with DORA requirements.

What you'll need

  • Bachelor's or Master's degree in Information Technology, Computer Science, Information Security, or a related field.
  • Professional certifications such as CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent.
  • Minimum of 5–7 years of experience in IT risk management, information security, and compliance, ideally within banking or financial services.
  • Proven experience owning regulatory compliance topics independently.
  • Deep knowledge of regulatory frameworks such as MaRisk, BAIT, DORA, and industry standards such as ISO 27001/27002 and NIST.
  • Strong understanding of IT infrastructure, cloud security, application security, and network security.
  • Fluency in English and German (spoken and written).

What they offer

  • Competitive personal development budget, work from home budget, and wellness memberships.
  • N26 Premium subscription and access for friends and family members.
  • Additional day of annual leave for each year of service.
  • High degree of autonomy and access to cutting-edge technologies.
  • Hybrid setup combining in-office collaboration with work from home flexibility.
  • Relocation package with visa support.