N26

ICT GRC - ICT Compliance Manager

Berlin, Berlin, Germany · Remote Friendly
The Brief

“ICT GRC - ICT Compliance Manager at N26. Skills: IT compliance framework, regulatory requirements, information security practices, DORA, MaRisk, ISO 27001/27002, NIST. Own the IT compliance framework within the 2nd Line of Defense, reporting to the Deputy CISO. Define, maintain, and continuously enhance the target measure catalogue in alignment with internal security standards and regulatory requirements.”

What You'll Achieve.

Ensuring our IT systems and information security practices are robust, scalable, and aligned with evolving European and German regulatory requirements.

Shape how compliance is embedded into technology, product development, and security practices.

Proactively steering regulatory readiness in a fast-changing environment.

Redefine compliance operations in a technology-forward organisation.

Ensuring sustainable remediation in line with second Line oversight expectations within the bank.

Industry & Context.

Problems you'll solve

Advanced risk assessment and control evaluation expertise; Highly detail-oriented with analytical thinking

What They're Looking For.

Must Have

Minimum of 5–7 years of experience in IT risk management, information security, and compliance, ideally within banking or financial services.

Proven experience owning regulatory compliance topics independently.

Deep knowledge of regulatory frameworks such as MaRisk, BAIT, DORA, and industry standards such as ISO 27001/27002 and NIST.

Understanding of IT infrastructure, cloud security, application security, and network security.

Fluency in English and German is required (spoken and written).

Nice to Have

Bachelor’s or Master’s degree in Information Technology, Computer Science, Information Security, or a related field (preferred).

Professional certifications such as CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent strongly preferred.

Experience with JIRA, Confluence, and FigJam is a plus.

What You'll Do.

Own the IT compliance framework within the 2nd Line of Defense, reporting to the Deputy CISO.

Define, maintain, and continuously enhance the target measure catalogue in alignment with internal security standards and regulatory requirements.

Lead independent second-line compliance assessments of the ISMS and ICT control environment.

Ensure full adherence to EU and German regulations (e.g. DORA) and relevant industry standards (ISO 27001/27002

Drive regulatory gap analyses and define strategic remediation roadmaps.

Own regulatory reporting related to ICT compliance and present progress and mitigation plans to senior stakeholders.

Act as the primary contact for internal and external audits related to IT compliance topics for the second line CISO Office.

Design and implement AI-enabled compliance monitoring and automation initiatives.

Facilitate executive-level discussions on compliance posture, emerging regulatory developments

Continuously improve governance structures and control effectiveness.

Independently audit and challenge 1st line ICT processes and information domain controls for alignment with DORA requirements, assessing control design and operating effectiveness, identifying regulatory gaps, and ensuring sustainable remediation in line with second Line oversight expectations within the bank.

Drive DORA-related compliance activities in the second line, collaborating with other teams in the organisation to facilitate adherence.

How You'll Work.

Team & Collaboration

driving alignment across stakeholders; collaborating with other teams in the organisation to facilitate adherence

Communication Scope

Excellent written and verbal communication skills; Ability to translate complex regulatory requirements into clear business guidance; Fluency in English and German is required (spoken and written)

Process & Methodology

Demonstrated ability to lead complex compliance initiatives independently, project and stakeholder management skills across cross-functional environments
