Your Role

Your Tasks

• IT security framework & policies: Implement and oversee the company's IT security framework, define policies, standards, and key controls, and ensure they are applied consistently across all systems and processes.
• Cybersecurity by design: Integrate security into every phase of the system development life cycle (SecDevOps), ensuring security is a core element of product and platform design.
• Risk & compliance management: Continuously evaluate the company's IT risk posture, conduct risk analyses, and ensure compliance with relevant regulations and industry standards (eg, DORA, BAIT).
• Business continuity: Manage business continuity planning and disaster recovery, ensuring resilience of critical systems.
• Operational security responsibilities: Take ownership of access management, monitoring of security-critical systems, and other high-trust security tasks.
• Certifications & audits: Lead IT security certification initiatives and support audits with internal and external stakeholders.
• Incident response: Direct incident management and crisis response, coordinating immediate actions and long-term remediation.
• Culture & awareness: Drive cybersecurity awareness and training programs, fostering a company-wide culture of strong security practices.
• Ownership: Take ownership of IT security initiatives and align with group-wide policies, with the opportunity to build, mentor, and lead a high-performing team as the function grows.
• External engagement: Represent the company on IT security topics in collaboration with partners, clients, auditors, and regulators.

What You Bring to the Table

• Experience: At least 5 years of professional experience in information security, ideally in a regulated environment (finance or crypto preferred), with exposure to both hands-on engineering and some leadership responsibility.
• Engineering background: Solid working experience as a systems engineer with strong technical expertise in IT infrastructure, networking, and cybersecurity technologies (eg, firewalls, intrusion detection/prevention systems, VPNs, authentication, encryption).
• Frameworks & standards : Familiarity with major security frameworks and regulatory requirements, including ISO 27001, NIST Cybersecurity Framework, SOC II, CIS Controls, GDPR, DORA, BAIT, and NIS2; proven ability to implement or work with certification processes.
• Certifications: Professional security certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
• Education: University degree in computer science, information security, or a related technical field (or equivalent practical experience).
• Languages: Fluency in English (written and spoken) is required; German skills are a strong plus.
• Strategic mindset: Ability to combine a hands-on, operational approach with a forward-looking view to align security measures with business objectives.
• Startup drive: Pragmatic, solution-oriented, and willing to go the extra mile in a fast-paced environment where initiative and accountability are valued.

What We Offer You

• Dynamic and Innovative Environment: Work in the midst of a dynamic, fast-growing, and innovative sector of digital assets
• Challenging Tasks: Engage in exciting activities with opportunities for personal and professional development
• Attractive Compensation: Competitive remuneration that rewards success and performance
• Modern Hybrid Work Environment: Hybrid work opportunities in Stuttgart, Berlin, or Frankfurt with flexible working hours.
• Additional Benefits: Perks such as bike leasing, Workflex (up to 20 days/year working in a European country of your choice), and 30 days of vacation, plus extra days off on December 24th and 31st.
• Excellent Network: Access to a network of leading financial institutions and key players in the financial market.

Join our team and become part of our success story!