Information Security Officer

We are seeking an experienced compliance expert - with a focus on information security and data protection - to strengthen our team in Berlin. In this position, you will support the development, maintenance and continuous improvement of Information Security Management Systems (ISMS) and Data Protection Management Systems (DSMS) for companies in the financial sector. You will ensure compliance with regulatory requirements and contribute to the implementation and oversight of all relevant strategies, policies, procedures and controls. In doing so, you will play a key role in safeguarding the business continuity of the companies we support and in strengthening Germany’s economic landscape.of Germany’s economic landscape.
Your Responsibilities

• Lead and support the implementation of DORA (Regulation (EU) 2022/2554), including ICT risk management, ICT incident management, testing/TLPT coordination and third-party risk management
• Develop, maintain and enhance ISMS in accordance with ISO/IEC 27001
• Lead and support the development, maintenance and continuous improvement of DSMS in line with the GDPR and BDSG
• Act as internal Information Security Officer (ISO) or Deputy ISO, as well as Data Protection Coordinator or Deputy DPO, and advise business units on information security and data protection matters
• Conduct and coordinate gap analyses, risk assessments and control reviews
• Draft and maintain policies, procedures, protocols and measures, including process documentation in the areas of information security and data protection
• Monitor regulatory developments and derive as well as track implementation measures
• Deliver awareness sessions and training for employees
• Collaborate with IT, internal audit, as well as external auditors and supervisory authorities

Your Profile

• Several years of relevant professional experience in information security, data protection, and/or regulatory compliance within the financial sector
• Degree in law, business administration, or a comparable qualification/experience (e.g. certifications as ISO / DPO)
• Proven knowledge of the DORA framework as well as other relevant standards and regulations: ISO 27001, BSI IT-Grundschutz, NIS-2, EU GDPR, EU AI Act
• Strong analytical and conceptual thinking skills, organisational talent and team orientation
• Assertive, confident manner with excellent communication skills
• Demonstrated ability to integrate AI-enabled tools into research, analysis, and operational workflows while maintaining critical thinking, accuracy, and accountability for outputs
• Excellent command of German and English, both written and spoken

What we offer

• Exciting and varied position in a dynamic company
• Opportunity to work in a motivated and collaborative team
• Attractive compensation and benefits package
• Professional development and continuing education opportunities
• Flexible working arrangements, including the possibility of part-time work
• Pleasant and supportive working environment
• Option to work partially from home

If you are passionate about compliance and want to contribute to a strong regulatory framework, we would love to hear from you!