devjobs.de

ICT Compliance Manager

Job Zusammenfassung · Berlin | Deutschland · Hybrid, Onsite

Gehalt auf Anfrage

Gefunden am 03.06.2026

Match

84%

Fit in Skills, Kultur und Entwicklungspfad.

Beschreibung

Job Zusammenfassung In dieser Rolle bist du verantwortlich für das Design und die Implementierung des IT-Compliance-Frameworks, führst Risikoanalysen durch und entwickelst AI-gestützte Compliance-Lösungen zur kontinuierlichen Verbesserung bei der Einhaltung von regulatorischen Anforderungen. Job Zusammenfassung In dieser Rolle bist du verantwortlich für das Design und die Implementierung des IT-Compliance-Frameworks, führst Risikoanalysen durch und entwickelst AI-gestützte Compliance-Lösungen zur kontinuierlichen Verbesserung bei der Einhaltung von regulatorischen Anforderungen. Deine Rolle im Team We are seeking an ICT GRC - ICT Compliance Manager to join our team. In this role you will be fully accountable for the design, implementation, and continuous improvement of our IT compliance framework. You will lead the compliance topic end-to-end, ensuring our IT systems and information security practices are robust, scalable, and aligned with evolving European and German regulatory requirements. In this role, you will not only ensure adherence to regulations, you will shape how compliance is embedded into technology, product development, and security practices. You will act as the central authority for IT compliance within the 2nd Line of Defense, driving alignment across stakeholders and proactively steering regulatory readiness in a fast-changing environment. With AI and automation transforming compliance processes, you will evaluate, design, and implement AI-driven solutions to enhance compliance monitoring, risk assessments, second-line control testing, and regulatory reporting. This is your opportunity to redefine compliance operations in a technology-forward organisation. Own the IT compliance framework within the 2nd Line of Defense, reporting to the Deputy CISO. Define, maintain, and continuously enhance the target measure catalogue in alignment with internal security standards and regulatory requirements. Lead independent second-line compliance assessments of the ISMS and ICT control environment. Ensure full adherence to EU and German regulations (e.g., MaRisk,CSA,PSD3, DORA) and relevant industry standards (ISO 27001/27002, NIST, etc.). Drive regulatory gap analyses and define strategic remediation roadmaps. Own regulatory reporting related to ICT compliance and present progress, risks, and mitigation plans to senior stakeholders. Act as the primary contact for internal and external audits related to IT compliance topics for the second line CISO Office. Design and implement AI-enabled compliance monitoring and automation initiatives. Facilitate executive-level discussions on compliance posture, emerging regulatory developments, and risk exposure. Continuously improve governance structures, compliance processes, and control effectiveness. You will independently audit and challenge 1st line ICT processes and information domain controls for alignment with DORA requirements, assessing control design and operating effectiveness, identifying regulatory gaps, and ensuring sustainable remediation in line with second Line oversight expectations within the bank. Drive DORA related Compliance activities in the second-line and collaborating with other teams in the organisation to facilitate adherence. Unsere Erwartungen an dich Ausbildung Bachelor's or Master's degree in Information Technology, Computer Science, Information Security, or a related field (preferred). Qualifikationen Professional certifications such as CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent strongly preferred. Deep knowledge of regulatory frameworks such as MaRisk, BAIT, DORA, and industry standards such as ISO 27001/27002 and NIST. Strong understanding of IT infrastructure, cloud security, application security, and network security. Strong strategic and conceptual thinking combined with hands-on execution capability. Demonstrated ability to lead complex compliance initiatives independently. Advanced risk assessment and control evaluation expertise. Strong project and stakeholder management skills across cross-functional environments. Proficiency in compliance and risk management tooling. Excellent written and verbal communication skills. Ability to translate complex regulatory requirements into clear business guidance. Fluency in English and German are required (spoken and written). Erfahrung Minimum of 5-7 years of experience in IT risk management, information security, and compliance, ideally within banking or financial services. Proven experience owning regulatory compliance topics independently. Experience interacting with regulators and external auditors. Experience with JIRA, Confluence, and FigJam is a plus. Unser Angebot Accelerate your career growth by joining one of Europe's most talked about disruptors. Employee benefits that range from a competitive personal development budget, work from home budget, discounts to fitness & wellness memberships, language apps and public transportation. As an N26 employee you will have access to a Premium subscription on your personal N26 bank account. As well as subscriptions for friends and family members. Additional day of annual leave for each year of service. A high degree of autonomy and access to cutting edge technologies - all while working with a friendly team of peers of diverse nationalities, experiences, and backgrounds. We work in a hybrid setup, combining in-office collaboration with the flexibility to work from home. A relocation package with visa support for those who need it. Benefits Essen & Trinken ☕️ Kaffee, Tee o. Ä 🥪 Snacks, Süßigkeiten Work-Life-Integration 🧳 Relocation Package 🍼 Kinderbetreuung Mehr Netto 💻 Notebook zur Privatnutzung 👷‍♂️ Zusatzversicherung Themen mit denen du dich im Job beschäftigst Automation Cyber/Security AI Metadaten Level: Senior Job Feld: IT, Project, Security Anstellung: Vollzeit Vertragsart: Unbefristetes Dienstverhältnis Arbeitsmodell: Hybrid, Onsite Unternehmenstyp: Etablierte Firma Branche: Banken, Finanz, Versicherung Ort: Berlin | Deutschland

Tech Stack

Keine Tech-Tags verfügbar.

Warum passt du zu dieser Stelle?

Fit technisch: Stark auf Backend und API-Architektur.

Gaps: Fehlende Tool-Erfahrung in 1-2 Schlüsselbereichen.

Success-Wahrscheinlichkeit: Hoch bei schneller Einarbeitung.