The Role:

In this role, you will proactively assess potential threats, oversee risk controls, and provide strategic recommendations to minimize vulnerabilities. You will also drive risk awareness across departments, supporting decision-making processes that align with business objectives and industry best practices.

This is an exciting opportunity for a detail-oriented professional with a strong background in IT risk, cybersecurity, and compliance to make a meaningful impact in a dynamic and evolving digital landscape.

Your Responsibilities:

• Oversee security risk management by developing and executing test plans.
• Continuously manage security risks by operating security processes and performing controls.
• Conduct ongoing risk assessments of the bank's local information domain.
• Serve as the primary contact for defining security-related policies and procedures in collaboration with internal stakeholders.
• Provide strategic security guidance to IT operations as a trusted partner.
• Support and advise departments on operational security matters.
• Coordinate security-related changes with internal and external stakeholders.
• Provide oversight and guidance on security topics.
• Design and deliver regular and ad-hoc security reports for the Management Board and other stakeholders.
• Develop, maintain, and monitor key security performance indicators (KPIs).
• Plan and execute regular training sessions and awareness campaigns.
• Assess legal and regulatory security changes and ensure their integration into local processes.
• Evaluate current and potential suppliers from a security perspective.

Your Skills & Experience:

• In-depth knowledge of security standards (e.g., ISO, BAIT, DORA, MaRisk).
• Bachelor's degree in Computer Science or a related field.
• Several years of experience in security, risk, compliance, or audit within the financial services industry.
• Interest in additional risk areas, such as data quality management, financial reporting, and technology.
• Knowledge and/or experience with frameworks such as NIST, ITIL, BCBS 239, CRR, and SOX.
• Fluent in written and spoken English (German).