Information Security and Resilience Risk Manager

Your role in the team

Our expectations of you

Qualifications

• Strong understanding of DORA (Digital Operational Resilience Act), with proven involvement in DORA compliance programs or readiness initiatives.
• Versiert im Navigieren in funktionsübergreifenden, multikulturellen, multinationalen und matrixorganisierten Organisationen.
• Exposure to digital banking environments is desirable, though not essential.
• Recognized industry certifications such as CISM, CISSP, CRISC, or equivalent.
• Umfassende Kenntnisse der wichtigsten EU-Regulierungen und Rahmenwerke im Bereich ICT-Risiko und Cybersicherheit, einschließlich ISO 27001, NIST, PSD2 und DORA.
• Strong analytical and structured thinking, with the ability to interpret complex issues and propose practical solutions.
• Calm, confident, and persuasive communicator who can influence without authority.
• Persistent and solution-focused problem solver, capable of driving change in dynamic, high-pressure environments.
• Highly collaborative team player, with strong interpersonal skills and the ability to work across organizational boundaries.
• Skilled in translating operational detail into strategic insights to support executive-level decision-making.
• Fluent in English (mandatory); German language skills are a strong plus.

Experience

• Proven experience in a senior IT security or risk management role, ideally within financial or professional services.
• Minimum of 5 years of hands-on experience in IT Security, IT Risk Management, or IT Audit within banking, financial services, or consulting environments.
• Demonstrated experience managing and overseeing outsourced IT or cybersecurity services, including SLAs, KPIs, and third-party risk controls.
• Practical experience in designing, implementing, and auditing COBIT control frameworks.
• Experience preparing and delivering board-level presentations and strategic risk updates.