Data Protection and Security Manager

About the opportunity

Are you ready for your next career step We are looking for an experienced Data Protection & Security Manager to join the Data Protection & Governance team within the CISO this pivotal role you will help ensure N26 meets its data protection obligations. You will play a key role in ensuring continuity of privacy risk coverage supporting regulatory readiness and strengthening how data protection requirements are embedded in day-to-day operations.

In this role you will:

• Design maintain and continuously improve the data protection risk management framework (e.g. methodologies risk taxonomy and scoring models) ensuring alignment with the wider NFR and operational risk framework as well as applicable regulatory requirements on the protection of personal data and data subjects rights.
• Maintain the Data Protection Controls Effectiveness Testing and Evaluation Procedure coordinate the implementation and maintenance of those controls with first-line owners and report on identified deviations weaknesses and remediation progress.
• Maintain and further develop the data protection risk register and key metrics ensuring consistent methodologies high-quality input from first-line stakeholders and clear visibility of inherent and residual risks.
• Act as a 2LoD point of contact for internal data protectionrelated topics supporting the DPO and CISO Office on data privacy practices in the EU (e.g. GDPR and applicable local privacy laws) and related information security and resilience risks with awareness of relevant banking and technology regulations such as DORA MaRisk.
• Ensure the proper and timely involvement of the DPO in all relevant personal data protection matters including coordination follow-up and the administrative support needed to involve the DPO effectively.
• Manage the DPO mailbox / dedicated data protection mailbox including triage and prioritisation of incoming requests initial assessment and coordination of responses to internal and external queries.
• Develop and prepare regular privacy and data protection risk reports and global health check overviews that provide management and governance forums with a consolidated view of key risks trends and remediation progress.
• Manage or support the Data Protection General Training & Awareness program and required privacy-related trainings and contribute to the broader data protection & privacy program at N26 (e.g. roadmap key initiatives maturity improvements and regular reporting to governance bodies).
• Work cross-functionally and build strong relationships to strengthen and enhance data privacy compliance embed data protection and governance requirements into day-to-day operations and close identified gaps findings and audit actions.
• Monitor regulatory developments (e.g. EU AI Act) and emerging privacy and cyber/ Information security risks translating them into practical guidance and continuous improvements to N26s overall data protection and governance framework.
• Support audit and regulatory readiness by managing privacy-related findings and action plans ensuring clear ownership evidence quality and timely closure.

What you need to be successful:

Background:

• Bachelors degree in Law Information Security Information Technology Risk Management or a related field would be preferable but not mandatory.
• Professional privacy certifications such as IAPP CIPP/E / CIPM .
• Professional security management certifications such as CISA / CISM / CRISC or equivalent are preferable.
• Minimum of 35 years of experience in data protection / privacy risk management ideally within the banking or financial services industry.
• Experience working with risk and control frameworks audits regulatory readiness and remediation tracking is highly advantageous.
• An understanding of information security concepts (e.g. access control logging encryption incident management) and how they intersect with privacy requirements.
• Experience with third-party / outsourcing privacy topics (e.g. DPAs sub-processors PIAs/TIAs vendor risk inputs) .
• Should be able to leverage modern tooling (including AI where appropriate) to improve risk reporting.

Skills:

• Strong stakeholder management skills with the ability to influence challenge constructively and align cross-functional teams.
• Strong project and prioritisation skills with the ability to manage multiple workstreams and drive actions to closure.
• Strong analytical skills with the ability to assess privacy risk identify gaps and propose pragmatic risk-based recommendations.
• Effective communication and interpersonal skills with the ability to explain privacy and security concepts to non-technical stakeholders.
• Strong report-writing and documentation skills (e.g. risk rationales oversight notes evidence tracking management-level summaries).
• Good understanding of information security fundamentals and how they intersect with data protection requirements.
• Fluency in English (verbal and written) is mandatory. German is a plus.

Whats in it for you:

• Accelerate your career growth by joining one of Europes most talked about disruptors .
• Employee benefits that range from a competitive personal development budget work from home budget discounts to fitness & wellness memberships language apps and public transportation.
• As an N26 employee you will have access to a Premium subscription on your personal N26 bank account. As well as subscriptions for friends and family members.
• Additional day of annual leave for each year of service.
• A high degree of autonomy and access to cutting edge technologies - all while working with a friendly team of peers of diverse nationalities life experiences and family statuses.
• A relocation package with visa support for those who need it.

Who we are

N26 has reimagined banking for todays digital world. Technology and design empower everything we do and its how we are building the global banking platform the world loves to use.

Weve eliminated physical branches paperwork and hidden fees for an elegant digital experience and supreme savings. Giving people the power to live and bank their way is what gets us out of bed in the morning and inspires the work that we do.

We are headquartered in Berlin with offices in multiple cities across Europe including Vienna and Barcelona and a 1500-strong team of more than 80 nationalities.

Sounds good Apply now for this position.

Equal Opportunities:

We recognize that our strength lies in our people and the varied perspectives they bring to our workforce. We strive to build talented and diverse teams to drive our business success and empower our people to reach their full potential.

We genuinely welcome and encourage applications from people of all backgrounds cultures genders sexual orientations abilities neurodiversities and ages. Were committed to creating an inclusive workspace where everyone feels valued and respected free from harassment and discrimination. If theres anything you need to make the application process work for you please let us know by reaching out to .

Visit our website to learn more about Diversity Equity & Inclusion at N26.