(Senior) Information Risk and Security Manager | (Senior) Information Risk and Security Manager

Job Summary

This role involves acting as a key partner and consultant within the Compliance department, focusing on preventing and combating illegal actions and regulatory breaches through robust information security management. The successful candidate will be responsible for identifying, analyzing, and assessing IT and information risks, and advising business units on security requirements for new IT services, products, and platforms. A core function is contributing to the design, implementation, monitoring, and continuous improvement of the Information Security Management System (ISMS) using the PDCA cycle, ensuring adherence to critical regulatory frameworks like DORA, MaRisk, NIS 2, and ISO 27001. The manager will also conduct proactive threat and risk analyses, manage risk treatment documentation, oversee external service providers, and take responsibility for the Security Operations Center (SOC), SIEM, and Vulnerability Management functions.