Lead and mature the information security posture across the finanzen.net Group while building a risk-driven security capability that supports ambitions in Neo-Brokerage and digital finance.
You are responsible for leading and maturing our information security posture across the finanzen.net Group (Zero, Finnet, TraderFox). Operating at the intersection of cyber risk, regulatory compliance, and business enablement, this role demands both strategic vision and hands-on operational leadership. Because we are a regulated financial services organisation under BaFin scrutiny, the CISO will build a security programme that meets the highest standards of resilience, transforming our current baseline into a mature, risk-driven security capability that supports our ambitions in Neo-Brokerage and digital finance.
Core Responsibilities
Security Strategy & Governance:
Shape and drive the Group-wide security strategy
Turn regulatory requirements into clear priorities
Close key gaps across assets, vulnerabilities, and third parties
Risk Management & Compliance:
Build and run a DORA-aligned ICT risk framework
Create transparency across risks and controls
Report clearly to senior leadership and the board
Vulnerability & Threat Management:
Roll out vulnerability management across the Group
Reduce critical findings and remediation backlog
Improve detection through stronger SIEM capabilities
Endpoint & Identity Security:
Expand endpoint protection and MFA coverage
Improve device health and security visibility
Enforce consistent controls across all entities
Security Awareness & Developer Enablement:
Build a stronger security-first culture
Increase awareness training completion
Enable developers through secure coding and champions
Incident Response & Assurance:
Lead incident response and post-incident reviews
Run regular backup and response tests
Anchor assurance activities in daily operations
Third-Party & Supply Chain Risk:
Strengthen third-party risk management
Raise due diligence standards for vendors
Reduce supply chain risk across the Group
Security Leadership & Regulatory Expertise
Proven leadership in information security, ideally in regulated financial services or FinTech
Strong knowledge of DORA, GDPR, BaFin, and common control frameworks such as CIS, ISO 27001, and SOC 2
Experience leading audits, assessments, and regulatory reviews
Security Programme & Risk Management
Track record of building structured, risk-driven security programmes
Experience improving security maturity in complex or fast-growing environments
Strong understanding of vulnerability management, remediation workflows, and risk reporting
Stakeholder Management & Execution
Able to communicate security risks clearly to Board and senior stakeholders
Strong cross-functional influence across Engineering, IT, Legal, and Compliance
Proven ability to roll out security processes with measurable impact
Technical & Operational Expertise
Solid understanding of security architecture across endpoints, identity, networks, and cloud
Hands-on experience with SIEM, EDR/XDR, vulnerability scanning, and asset management tools
Good awareness of AI-related security risks and secure AI adoption in regulated environments
You’ll join a modern work environment with over 250 colleagues, shaped by trust, flexibility, and genuine collaboration. You’ll work in a hybrid setup and use our office hubs in Karlsruhe, Munich or Berlin, complemented by up to 15 days of “workation” within the EU per calendar year.
We actively support your personal and professional development through training, seminars, and conferences in the dynamic fintech and stock/financial sector. We place great importance on an open, collaborative atmosphere, team spirit, and shared success.
You can also expect the following benefits:
Modern office hubs & hybrid working
Training and development opportunities in financial markets/investing
Regular team events & a strong company culture
Health & mobility benefits (bike leasing, public transport subsidy)
Attractive financial benefits & additional perks
An environment where you can contribute, grow, and feel comfortable
finanzen.net GmbH is a dynamic FinTech company that empowers private and professional investors in their investment decisions. It operates key platforms including finanzen.net, a leading financial information portal in the DACH region; finanzen.net ZERO, a cost-effective neobroker for secure trading; and TraderFox, which offers financial information and trading tools for investors of all levels. By strategically unifying its business units, finanzen.net GmbH seeks to enhance its position as a top investment platform.