IT Security Manager – Risk, Compliance & DORA (m/f/d)
CEE Kapitalverwaltungsgesellschaft mbH
Job Summary
As an IT Security Manager, you will lead the end-to-end implementation and continuous improvement of the information security and resilience framework in accordance with the Digital Operational Resilience Act (DORA). Your daily responsibilities include conducting gap analyses against regulatory standards like MaRisk and BAIT, managing ICT risk assessments, and overseeing business continuity management (BCM) and disaster recovery tests. You will play a pivotal role in managing third-party ICT service provider risks and coordinating with internal and external auditors. This position is ideal for a professional who can translate complex regulatory requirements into operational practices while communicating effectively across all levels of the organization, from developers to the board. The role offers a unique opportunity to shape the digital resilience of a growing company in a regulated financial environment, featuring a hybrid work model, a modern office in Hamburg, and a strong focus on sustainable action.
Required Skills
Education
University degree in (Business) Informatics, Information Security, Risk/Compliance, or a comparable qualification.
Experience
- Several years of professional experience in Information Security or ICT Risk Management
- Minimum 2 years of focused experience with DORA or comparable frameworks (e.g., NIS2, ISO 27001, BAIT/KAIT)
- Professional experience in regulated financial environments such as banking, insurance, or FinTech
- Proven experience in audit preparation and dealing with supervisory authorities
- Experience in managing ICT outsourcing and contractual regulatory requirements
Languages
Additional
- The role is based in Hamburg with a hybrid work model (up to 2 days mobile work). Candidates must be able to handle regulatory reporting and communication with supervisory authorities.