Information Security Governance Senior Associate / Informationssicherheit

About the opportunity

We are seeking an Information Security Governance Manager with expertise on Logging & Monitoring governance to join our Information Security Governance team within the CISO Department. 

Our Information Security Governance team is a safeguard risk control second line of defense for Information Security management across the company. This specific role is focused on information security governance and you will be responsible for supporting the first line of defense security engineers in setting up the governance around that topic within our CISO unit. This is an exciting opportunity if you are passionate about information security and if you are looking for a challenging position that demands in-depth knowledge and dedication, and if you wish to work in an innovative and cutting-edge technology Bank wherein horizontal cooperation is required to achieve goals.

In this role, you will:

  • Know ISM international compliance standards (ISO 27001) and German  regulatory compliance standards for the banking industry (BAIT/ZAIT, MaRisk), and set up our Information Risk Management guidelines standards accordingly. You will be responsible for reviewing our current guidelines and performing a gap analysis. 
  • Identify, Analyse, Evaluate and Monitor Information Security risk through assessments and quality controls. You will be in charge of performing quality controls samples checks for IT Controls, Security Incidents, and derive risk reports analysis, handle the escalations to the Global IT Security Risk Committee.
  • Support and guide the enhancements of the SIEM and the Security Incidents Management process,  in cooperation with the 1st Line of Defense. 
  • You will Create a new Information Security Management reporting framework from scratch. You will be in charge of creating a consolidated reporting framework for Information Security that will support the quarterly CISO report.
  • Analyse and support on Risk mitigation plans and create related processes in cooperation with the 1st Line of Defense. You will be engaged in designing together with Security Engineering 1st Line of Defense bridge-processes to communicate Information Security risk between defense lines and across functions within the Bank.
  • Ensure the conduction of the ISMS related Plan-Do-Check-Act cycle performed by the CISO function and that other information risk specific 2nd Line of Defense tasks are covered on an ongoing basis.
  • Be involved in managing Information Security related specific projects such as audit findings remediation planning and conduction. 

What you need to be successful:

Background: 

  • A Bachelor degree in Engineering, Computer Science or in Information Technology 
  • 2-3 years of experience doing Information Risk in a Bank or in a finance-regulated environment
  • An ISACA or ISC2 certification is strongly recommended

Skills: 

  • Strong ability to cooperate and build processes in the field together with other teams and keen on being “hands-on” in solving existing process gaps
  • Strong analytical skills, able to perceive complexity and derive efficient solutions in the field accordingly
  • Very familiar with technical features of a DevSecOps environment in the Cloud or willing to learn
  • Very good knowledge of ISM / IT Compliance international frameworks (COBIT, ISO 27001), and related German regulatory compliance standards (BAIT, ZAIT, MaRisk)
  • Fluent in English. German language skills are appreciated

Traits:

  • Actively help yourself (and others) be successful
  • Continuously learn and challenge the status quo
  • Think globally, act locally
  • Strong bias for action
  • Give and receive open, direct and timely feedback

What’s in it for you:

  • Accelerate your career growth by joining one of Europe’s most talked about disruptors, and a LinkedIn Germany Top Startup Employer three years running 🚀
  • Personal development budget, discounted public transit pass, German language classes, fitness memberships, childcare services, N26 premium bank card, employee loans, and your choice of a Mac or Windows laptop
  • 26 vacation days per year, with an additional day for each year of service - up to 30 days
  • A high degree of collaboration and autonomy while working with a group of diverse peers, and access to cutting edge technologies 
  • A relocation package with visa support for those who need it

Who we are

N26 has reimagined banking for today’s digital world. Technology and design empower everything we do and it’s how we are building the global banking platform the world loves to use.

We've eliminated physical branches, paperwork, and hidden fees for an elegant digital experience and supreme savings. Giving people the power to live and bank their way is what gets us out of bed in the morning and inspires the work that we do. 

Founded in 2013, N26 now has 7 million customers in 25 markets. Our talented team works across 8 global offices in Berlin, Barcelona, Madrid, Milan, Paris, Vienna, New York and São Paulo.

 

Sound good? Apply now for this position.

N26 is an equal opportunity employer and values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status or disability status.