We are a leading FinTech company at the forefront of digital payment innovation, operating in one of the most heavily regulated financial environments. Our mission is to deliver secure, scalable, and customer-centric financial solutions while maintaining uncompromising adherence to international regulatory standards. By combining technological innovation with rigorous compliance frameworks, we empower businesses and consumers to transact with confidence.
As our ICT Risk Manager (m/f/d), you will play a pivotal role in protecting the resilience and integrity of our financial systems. Positioned at the intersection of technology, risk, and governance, you will challenge senior stakeholders, drive risk-aligned decision-making, and ensure our ICT risk posture meets both regulatory expectations and business objectives. This is a unique opportunity to influence the company’s strategic ICT resilience in an environment that thrives on innovation within compliance.
Your position in our team
You act as the second line of defence by challenging the CISO, IT Security Architect, DevSecOps Team and Business Units on ICT control adequacy and risk appetite alignment
You consolidate insights from quarterly ICT risk inventories, incident summaries, and vendor risk reports into actionable recommendations
You oversee ICT risk assessment processes and ensure alignment with regulatory frameworks such as DORA, EBA, and GDPR
You partner with Incident Response, Vendor Risk, and Security Testing teams to assess, escalate, and remediate ICT risks
You prepare and deliver consolidated ICT risk reports for executive leadership, Head Risk, and Management
You support ongoing improvement of ICT governance processes, including risk identification, monitoring, and reporting
You will ensure ICT risk management practices remain robust against evolving threats and emerging technologies

Your profile
Bachelor’s degree in Information Security, Risk Management, Computer Science, or related field
Minimum 3+ years of ICT risk management experience within financial services or FinTech
Strong knowledge of risk frameworks (e.g., ISO 27005, NIST, COBIT) and regulatory requirements (e.g., EBA outsourcing guidelines, DORA, GDPR)
Experience with incident response processes, ICT vendor risk oversight, and ICT governance reporting
Excellent stakeholder management skills with the ability to challenge senior leaders constructively
Fluent English (C1) and good German (B2) skills
Having a professional certification (e.g., CISM, CRISC, CISSP, CISA) is a plus
Familiarity with cloud computing risks, encryption, DevOps environments, and API-driven financial platforms is a plus
Experience in consolidating multi-source ICT risk inputs into executive-level reporting is a plus
Understanding of emerging financial technologies such as blockchain, AI, and digital identity is a plus