Information Security Controls Manager Cloud & AI Governance

About the opportunity

We are seeking an Information Security Controls Manager to join the Information Risk Management (IRM) Segment within the Information Security (IS) Controls team at N26. As a member of this team you will contribute to ensuring that Information Security Controls Framework processes are operated without any disruptions with a specialized focus on strengthening our Cloud Security posture and AI Governance frameworks. N26 and its subsidiaries operate in a variety of regulatory environments and across international boundaries while the IRM team helps N26 to navigate this complex demanding and rapidly evolving technological landscape.

In this role you will:

• Frequently communicate with various stakeholders of all levels.
• Execution and review of the Information Security (IS) Controls Framework monitoring process ensuring comprehensive coverage of cloud infrastructure and AI/ML deployments.
• Communicate Collate and review the evidence received via monthly control review request tickets (TOE).
• Perform QA reviews query and or seek clarification from stakeholders to achieve the objectives of controls effectiveness.
• Highlight the gaps/risks observed during reviews raise non-conformities particularly concerning cloud misconfigurations and AI model risks and suggest improvements to the teams or stakeholders.
• Liaise with the CISO office and the DPO office to provide updates on a monthly basis over the status of controls including compliance updates regarding cloud security and AI systems.
• Improve awareness of controls security practices and responsible AI utilization among stakeholders.
• Contribute to the team in developing KRIs tailored to traditional IT Cloud environments and AI use cases.
• Working independently and managing the IS Controls daily tasks.
• Review and update the design of the controls pages from a technical perspective and maintain the control calendar.
• Actively work on the change requests from stakeholders.
• Preparation and follow-up of Change Request tickets.
• Drafting and publishing of the monthly control reports & other documentation (MoMs).
• Support the team and stakeholders during audits and coordinating the action items and evidence.
• Maintain controls teams key documentation to ensure audit readiness.
• Equally participate in designing controls developing working instructions and procedures that are required based on security standards and regulations such as ISO 27001 EU GDPR DORA SWIFT NIS2 and the EU AI Act.
• Evaluate and map internal control frameworks to cloud security benchmarks (e.g. Cloud Security Alliance (CSA) BSI C5) and AI governance frameworks.
• Facilitate and make sure that all key processes have been documented in an easy and efficient process flow.
• Design and update working instructions to implement the requirements coming from the policies.
• Identify and surface process or tooling-related inefficiencies and support AI enabled process optimizations
• Mapping of Internal control framework to the various regulations/Standards.

What you need to be successful:

• Bachelors or Masters degree relevant to information security or computer science.
• You have approximately 4-6 years of experience in an information security compliance risk or audit role.
• Demonstrated experience or strong knowledge of Cloud Security controls (AWS/Google Cloud preferred) and AI/ML governance risk frameworks.
• Previous hands-on experience or knowledge on security standards such as ISO 27001 ISO42001 NIST BSI C5 and other regulatory requirements like DORA EU AI Act EU CRA & EU GDPR.
• Good understanding of Information & Communication Technologies (ICT) and Security controls. Previous experience related to audit/compliance frameworks and methodologies is a plus.
• Ability to communicate clearly with peers as well as stakeholders of all levels.
• You are proficient in using Jira Confluence and Google Workspace apps. (i.e. Docs Sheets Slides). Good understanding of Google Sheets features and formulas.
• Previous experience with Compliance tools is a plus (i.e. ServiceNow OneTrust..).
• Ability to analyze and evaluate documentation reports data flowcharts etc. for IT processes such as system development cloud infrastructure management and IT operations.
• Fluency in English is strictly required. German proficiency is a plus.
• You have insight into information security and are willing to become deeply acquainted with EU regulatory laws standard banking requirements as well as cloud-native banking IT-Systems.
• You have a hands-on mentality and are comfortable to share improvement ideas about existing processes.

Whats in it for you:

• Accelerate your career growth by joining one of Europes most talked about disruptors .
• Employee benefits that range from a competitive personal development budget work from home budget discounts to fitness & wellness memberships language apps and public transportation.
• As an N26 employee you will have access to a Premium subscription on your personal N26 bank account. As well as subscriptions for friends and family members.
• Additional day of annual leave for each year of service.
• A high degree of autonomy and access to cutting edge technologies - all while working with a friendly team of peers of diverse nationalities experiences and backgrounds.
• A relocation package with visa support for those who need it.

Who we are

N26 has reimagined banking for todays digital world. Technology and design empower everything we do and its how we are building the global banking platform the world loves to use.

Weve eliminated physical branches paperwork and hidden fees for an elegant digital experience and supreme savings. Giving people the power to live and bank their way is what gets us out of bed in the morning and inspires the work that we do.

We are headquartered in Berlin with offices in multiple cities across Europe including Vienna and Barcelona and a 1500-strong team of more than 80 nationalities.

Do you see yourself thriving in this role Wed love to see your application even if you dont meet 100% of the criteria. You may just be the right fit for this or other roles!

Equal opportunities for all

At N26 we believe our strength lies in our people and the varied perspectives they bring. We strive to build diverse teams that drive innovation and business success. We actively seek talent from all backgrounds and welcome applications from all genders cultures sexual orientations abilities neurodiversities and ages.

We are committed to providing an excellent and accessible candidate experience. If you require any accommodations to make this process work for you please let us know. Were here to support you!

Discover more about Diversity & Inclusion at N26: Experience:

Manager