Information Security - Assisting Manager (f/m/div) in Hamburg or Berlin
- Gaußstraße, 22765 Hamburg, Germany
Join us to Unlock Consumer Financial Potential with one Click!
As Europe's first banking service provider and regulated payment institution under the Payment Services Directive (PSD2) , figo makes banking and payments infrastructure accessible for new use cases. Partners can aggregate and analyse financial sources, initiate payments, verify account data or categorise transactions. In March 2019, figo and finreach solutions decided to join forces; our two great locations (Hamburg and Berlin) and a team of 90 employees form the leading European Software-as-a-Service API platform for financial products. We combine experience, passion and commitment, bring all players in the financial world together at eye level, and drive the digitalisation and transformation of the financial industry.
About the role:
Ware looking for a self-organised, open-minded, empathetic and hands-on Information Security professional, who will join our Governance & Risk Department in order to operate our Information Security Management System. Your focus is compliance with supervisory legislation and ISO/IEC 27001 as well as living up to our overall Risk Management Framework. In close cooperation with our Information Security Officer as well as our Application Security Engineer you will drive and manage all related topics. Through your pragmatic approach within the scope of your tasks, you raise awareness for security issues among our colleagues in both locations with the ultimate goal of guaranteeing the confidentiality, integrity and availability of information worthy of protection. You will work on an autonomous basis and report to our Information Security Officer and Chief Risk Officer.
What you'll achieve:
- Warm welcome by a motivated Governance & Risk Team in Hamburg
- Setting a basis for great cross-team work with our Application Security Engineer
- Start cooperating with our external Data Privacy Officer to ensure aligned concepts as well as own all our Information Security Policies, Guidelines and Processes
- Getting to know our special environment, i.e. practising regulatory expertise in an agile tech startup
- Familiarise with our products, our platform, our organisation and the overall team in Hamburg and Berlin
First months and beyond:
- Becoming a knowledge multiplier on our Information Security Management System (ISMS)
- Working with team and customer enquiries related to Information Security
- Actively driving new security initiatives with the Application Security Engineer and taking care of proper and up-to-date documentation
- Cooperating closely with our Application Security Engineer and other representatives of our IT Operations and Engineering Teams in order to find practical and organization-specific implementation options, strategically aligned with our Information Security Officer and Chief Risk Officer
- Operating and adapting our ISMS in an agile and therefore exciting environment while taking regulatory requirements, ISO/IEC 27001, our business objectives, customer requirements as well as security best practices into account
- Further develop and improve a reliable vulnerability management as well as a professional security incident management and incident response process with our IT Operations department
- Contributing to our overall Risk Management Framework in line with its established standards by conducting risk assessments, initiating and checking the appropriateness of information security measures, advising the team in all questions of information security as well as by providing awareness and training within the sphere of information security
- In this way you will be step by step enabled to become a competent contact person for all ISMS-related queries by financial authorities as well as external or internal auditors
- Creatively raising awareness for security issues within our teams in both locations (Hamburg and Berlin)
What you'll need to be successful:
- University Degree in a related field or supplementary qualification, e.g. TÜV auditor certificates
- Current experience with implementing or auditing parts of or full ISMS, e.g. by supporting a Chief Information Security Officer (CISO) or being part of TÜV audit teams
- Experience with change management; strong sense of responsibility, communication and presentation skills (in English and German) as well as a professional and reliable demeanor, esp. when involved in the handling of security vulnerabilities and security incidents
- Ability to put security requirements and determined risks in an appropriate business context and to also work with the business teams to drive and prioritize improvements
- Familiar to analysis and evaluation of internal applications and systems regarding security gaps on process level
- Initial understanding of technological trends and (regulatory) developments in the areas of information security, web architectures, cloud native computing, microservices and authentication methods
- Interest to work with agile methods and processes as well as target- and result-oriented working methods, incl. close product development involvement (business enabling security measures)
- A strong interest in the change of the financial industry (direct financial industry background is an advantage but not a must have)
What you’ll get from us:
Working with us means you will be challenged every day by our customers and your peers. You can be yourself, speak freely, be trusted and respected. You get to give and receive regular feedback, to improve yourself and others. We know that exceptional people don’t choose jobs based solely on benefits, but we do our best to make sure that you’re set up for success. In other words;
- We'd love for you to join our international, solution-oriented team, where collaboration and transparency are our core values
- You can bring your fresh ideas to the company, and define the way you want to work. Our culture cares about you as an individual
- You can take advantage of a leadership team with huge industry expertise, that is dedicated to continuously improving both your personal growth and development and the organization, in a way that ensures long term success
- If you like, we actively support you in becoming a public Information Security Influencer for Open Banking and PSD2 topics
- Our highly experienced People & Organization department with a long track record of hiring and supporting international employees, will be there to support you and your family; to make sure your experience relocating to Hamburg (or Berlin) is a great one :-)
Additional benefits and rewards can be found on our careers website.
What have you done before? What are you interested in? What motivates you? Please apply online with your LinkedIn profile (or CV if you prefer). For more information about figo as an employer, check out www.figo.io/career. If you have any questions, our colleague Bea will be happy to answer.
To all recruitment agencies: figo does not accept unsolicited agency resumes. Please do not forward resumes to figo employees or to any other company location. Figo is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with the company.