Information Security Manager - Fintech (f/m/d)
A leading financial technology company is seeking an experienced Information Security Manager to join its Security & Privacy Governance team. This role offers the opportunity to shape and enhance a mature ISO 27001:2022-certified ISMS, ensure compliance with the EU Digital Operational Resilience Act (DORA), and align controls with global regulatory frameworks such as the CFTC System Safeguards and MAS TRM Guidelines.
Key Responsibilities
Governance & ICT Risk
- Own and evolve the ISO 27001:2022 ISMS and policy framework.
- Lead DORA implementation across ICT-risk governance, incident reporting, and third-party oversight.
- Map and align controls with international standards (CFTC, MAS TRM).
- Conduct ICT risk assessments and report residual risks to senior leadership.
Engineering & Operations
- Guide product teams on secure architecture and zero-trust principles.
- Define and improve technical controls (e.g., vulnerability management, access control).
- Manage and optimize security tooling (threat intelligence, IDS, deception platforms).
Detection & Response
- Oversee the full incident response lifecycle in line with NIST and regulatory expectations.
- Continuously assess the threat landscape and drive improvements.
- Coordinate tabletop and purple-team exercises.
People & Culture
- Deliver engaging security awareness training across departments.
- Support audits, RFPs, and due diligence processes with clients and partners.
Your Profile
- Degree in Computer Science or related field.
- 5+ years in IT security; certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor are a plus.
- Experience with security certifications (ISAE 3402, SOC 1/2, ISO 2700x) and regulatory compliance.
- Strong analytical and communication skills; able to explain complex topics clearly.
- Fluent in English (C1+); German (B2+) is desirable.
- Self-driven, adaptable, and eager to learn.
What's Offered
- Clear career development path and regular performance reviews.
- Opportunities to rotate across development teams based on interests and skills.
- Access to an internal academy and learning resources.
- Centrally located Frankfurt office with hybrid work model.
- Social events and a collaborative, international team culture.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways. First, we advertise our available roles on our site; however, due to confidentiality, we often may not post all of them. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your resume so you can be considered for roles that have yet to be created.
Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.