ICT GRC - ICT Compliance Manager

About the opportunity

We are seeking an ICT GRC - ICT Compliance Manager to join our team. In this role you will be fully accountable for the design, implementation, and continuous improvement of our IT compliance framework. You will lead the compliance topic end-to-end, ensuring our IT systems and information security practices are robust, scalable, and aligned with evolving European and German regulatory requirements.

In this role, you will not only ensure adherence to regulations, you will shape how compliance is embedded into technology, product development, and security practices. You will act as the central authority for IT compliance within the 2nd Line of Defense, driving alignment across stakeholders and proactively steering regulatory readiness in a fast-changing environment.

With AI and automation transforming compliance processes, you will evaluate, design, and implement AI-driven solutions to enhance compliance monitoring, risk assessments, second-line control testing, and regulatory reporting. This is your opportunity to redefine compliance operations in a technology-forward organisation.

In this role, you will

Own the IT compliance framework within the 2nd Line of Defense, reporting to the Deputy CISO.

Define, maintain, and continuously enhance the target measure catalogue in alignment with internal security standards and regulatory requirements.

Lead independent second-line compliance assessments of the ISMS and ICT control environment.

Ensure full adherence to EU and German regulations (e.g., MaRisk,CSA,PSD3, DORA) and relevant industry standards (ISO 27001/27002, NIST, etc.).

Drive regulatory gap analyses and define strategic remediation roadmaps.

Own regulatory reporting related to ICT compliance and present progress, risks, and mitigation plans to senior stakeholders.

Act as the primary contact for internal and external audits related to IT compliance topics for the second line CISO Office.

Design and implement AI-enabled compliance