Chief Information Security Officer (w/m/d)

Munsbach
Compliance / Full-time / Hybrid

About us   

Unzer is a leading European fintech company with a mission to simplify international payments for e-commerce and retail businesses. Our brand was formed from 13 companies that now contribute to building a unique product covering the entire payment flow.  

At Unzer, we are driven by the belief that customers should enjoy a seamless shopping experience, no matter where they choose to shop. We are a team of over 750 experts from 70 different nationalities, dedicated to creating a state-of-the-art unified commerce platform. Our goal is to enable businesses to delight their customers with a seamless payment experience.  

Whether you're a tech enthusiast, payment expert, or a dedicated support professional, we are looking for individuals who are passionate about making a difference.  

Our offices: We are based across Austria, Denmark, Germany and Luxembourg with a HQ in Berlin.  

What your work will look like:

    • Lead ICT risk management for the Luxembourg office, ensuring robust risk management processes that align with group standards and local regulations.
    • Ensure full compliance with ICT risk-related regulatory requirements by staying updated on new regulations and coordinating with subject matter experts. Develop strategic plans for effective ICT risk management oversight.
    • Conduct independent assessments, validate control actions, and ensure proper risk identification as part of independent oversight. Oversee compliance with group and local policies, and develop systems to monitor adherence. Analyze and challenge the technology risk management framework to ensure policies are current and appropriate for the risks faced.
    • Establish and review ICT risk limits quarterly, or more frequently based on market or internal changes. Assess and monitor the internal control environment to ensure its effective operation.
    • Provide risk management guidance based on relevant analysis and controls, and oversee the Luxembourg measurement framework, including risk aggregation and monitoring within the ICT Risk Appetite Framework.
    • Ensure appropriate resources and development opportunities for ICT risk management staff. Set ICT risk priorities, fostering open communication and effective challenge regarding risk mitigation strategies. Promote technology risk awareness and organize communication meetings.
    • Act as the main contact for internal and external audits and regulatory bodies on ICT risk management. Oversee the information security risk management framework, ensuring compliance with ISO requirements and DORA. Manage operational resilience testing activities, including independent vulnerability scans and tests.
    • Report ICT risks and resolve deficiencies promptly. Oversee the tracking and escalation of issues, including exceptions for the Luxembourg office.
    • Provide regular risk updates to the Luxembourg Board and authorized management, and annual updates to the CSSF. Set the risk appetite for Luxembourg and seek approval from the Luxembourg Board.
    • Act as the primary ICT risk contact for regulators in the region. Support incident management and raise awareness of critical ICT risks. Ensure accurate reporting on the local ICT risk posture and meet regulatory requirements. Coordinate ICT risk assessments with the Group’s Technology and Risk teams to address local needs.

What you need to be successful in this role:

    • Bachelor's degree in Information Technology, Computer Science, Risk Management, or a related field; a Master's degree is a plus.
    • Extensive experience in ICT risk management, information security, or a related discipline, preferably within the financial services sector.
    • Strong knowledge of regulatory requirements and standards, such as ISO, DORA, and other relevant frameworks.
    • Proven track record of developing and implementing effective risk management strategies and frameworks.
    • Excellent analytical and problem-solving skills with the ability to assess complex risks and provide strategic guidance.
    • Strong leadership and team management skills, with experience in fostering a collaborative and high-performance work environment.
    • Excellent communication and interpersonal skills, with the ability to engage effectively with stakeholders at all levels, including regulators and board members.
    • Relevant professional certifications, such as CISM, CISSP, CRISC, or equivalent, are highly desirable.

What's in it for you:

🏑 Work from home up to 60% of the time. We want you to keep your work-life balance.  
🚲 Mobility support, whether you choose bike rental or leasing or a Deutschland ticket - we've got you covered.  
🫴 Explore counselling assistance, be it for professional or personal matters, through our associated platform.  
πŸ–οΈ 15 days a year of workation from your desired destination within the EU.  
πŸ•Ÿ Flexible working hours – you get to choose the schedule that works best for you!  
πŸ“— Learning budget of 1000 euros per year – you can develop your passions with us.  
πŸŽ‰ Enjoy some fun moments with your coworkers – we throw a company party once a year and host several team events!