Information Security Officer

Location: Germany based, preferably in Frankfurt am Main About Us AllUnity is a joint venture between DWS Group, Flow Traders, and Galaxy Digital, operating as a BaFin-regulated e-money institution. The company’s mission is to create a new infrastructure for Europe’s digital financial markets by issuing a regulated euro stablecoin. AllUnity positions itself as a bridge between the traditional financial world and the blockchain economy. Join us in shaping the future of finance, pushing boundaries, and transforming how value is transferred and managed. About the Role Are you passionate about protecting data, building trust, and ensuring resilience in a fast-moving FinTech environment? As Information Security Officer (ISO) at AllUnity, you will be the driving force behind our security strategy and compliance framework. Reporting directly to the CEO, you’ll design and lead our Information Security Management System (ISMS), safeguard critical assets, and ensure compliance with regulatory standards such as ISO 27001, ZAG-MaRisk, DORA, and GDPR. This is a high-impact position at the heart of our mission. You will have direct visibility at the executive level, the opportunity to shape company-wide security culture, and the responsibility to liaise with regulators, auditors, and partners. If you’re looking for a role where your expertise makes a measurable difference in the future of financial markets, we’d love to hear from you. Tasks Key Responsibilities Your core responsibilities include: Information Security Governance: Develop, implement, and maintain AllUnity’s Information Security Management System (ISMS) in compliance with ISO 27001, GDPR, ZAG-MaRisk, DORA, and other relevant standards. Risk Management: Identify, assess, and mitigate information security risks across the organization, safeguarding critical data and systems. Policy & Standards: Draft, enforce, and continuously improve information security policies, guidelines, and technical standards.Audit & Compliance: Lead internal and external audits, coordinate remediation activities, and ensure full regulatory compliance on information security matters. Incident Response: Act as lead in security incidents and crises, managing detection, response, and recovery processes. Monitoring & Reporting: Oversee security monitoring solutions (e.g., SIEM, IDS/IPS, DLP, endpoint protection). Report on vulnerabilities, incidents, and overall security posture to senior management. Vendor & Third-Party Risk: Assess and monitor third-party providers’ compliance with AllUnity’s security standards. Training & Awareness: Design and deliver ongoing awareness programs to strengthen security culture across the company. Business Continuity Management: Serve as Emergency Officer, maintaining readiness, continuity planning, and effective crisis communication. Stakeholder Liaison: Act as central contact for supervisory authorities, internal audit, and external auditors on information security matters. Requirements Education: Bachelor’s or Master’s degree in Information Security, Cybersecurity, Computer Science, or a related field, or comparable professional training with relevant experience and recognized certifications (e.g., CISSP, CISM, CISA, ISO 27001 Lead Auditor). Experience: At least 6 years in information security, ideally in financial services or banking. Experience with blockchain/DLT and crypto environments required. Proven leadership in managing security projects in dynamic, regulated settings. Regulatory Knowledge: Strong understanding of ZAG-MaRisk, DORA, GDPR, ISO 27001, and comparable compliance frameworks. Certifications: ISO 27001 Lead Auditor (or equivalent, e.g., BSI IT-Grundschutz, NIST CSF) preferred. Technical Skills: Proficiency with security technologies (SIEM, IDS/IPS, firewalls, endpoint protection, DLP). Languages: Fluent in German and English, with the ability to present complex issues clearly to both technical and non-technical stakeholders.Mindset: Independent, ethical, resilient, and proactive with strong analytical and communication skills. Benefits Why You Should Apply Impactful Role: Take full ownership of information security and operational resilience at one of Europe’s most innovative blockchain infrastructure providers. Leadership Opportunity: Report directly to the CEO and shape AllUnity’s security strategy, governance, and regulatory compliance framework. Innovation: Contribute to pioneering Europe’s first MiCAR-compliant EUR-denominated stablecoin by safeguarding the systems that make it possible. Growth & Development: Access tailored training, learning budgets, and work alongside leading experts in fintech, regulation, and cybersecurity. Benefits Competitive Compensation 30 Days Paid Vacation Transparent Culture, Open Communication and a driven, collaborative team committed to innovation, professionalism, and excellence. Regular Team Retreats & Offsites Welcome Packages & Company Swag Ready to Apply? If you’re excited to lead AllUnity’s ISM strategy and help shape the future of digital finance, we’d love to hear from you