(Senior) Information Security Specialist
Job description
We're looking for a skilled Information Security Specialist (f/m/d) to strengthen our cloud and AI security posture. You'll be instrumental in protecting our critical infrastructure, implementing security best practices, and ensuring compliance with industry standards. With your expertise in cloud environments (especially AWS), vulnerability management, and emerging AI security challenges, you'll help us stay ahead of evolving threats while supporting our innovative financial technology solutions.
Bringing your solid foundation in security frameworks and practical experience with cloud security platforms, you'll lead risk assessments, incident investigations, and security improvements across our organization. If you're passionate about solving complex security challenges in a fast-paced fintech, we invite you to join our team and make a significant impact on our security journey.
What you can do with us:
- Evaluate and strengthen internal security controls and processes, driving continuous improvement of our Information Security Management System and related policies
- Participate in internal and external audits (e.g. ISO 270xx)
- Develop and enhance threat models for PAIR Finance resources and services, conducting security risk assessments and defining targeted mitigation strategies based on threat models
- Investigate information-security incidents end-to-end and prepare comprehensive reports for management and regulators
- Monitor threat intelligence, hacking techniques, and CVEs affecting our AWS and M365 environments
- Collaborate with DevOps and Product teams to integrate security throughout the Software Development Lifecycle
- Assess both in-house and third-party AI systems for security, compliance, and data protection requirements
- Implement AI security frameworks such as NIST AI RMF, OWASP ML/AI Security
- Utilize Wiz and similar platforms to identify, prioritize and remediate cloud security risks (CSPM/CIEM)
- Execute vulnerability scans, analyze DAST results, and support penetration testing activities
- Strong, experienced international team to support and mentor you along the way, smooth onboarding process
- International team of 30+ nationalities with professionals and experts
- Flat hierarchy, transparent and appreciative feedback culture, monthly all hands meetings, annual feedback and evaluation cycle, regular 1-on-1s with your lead
- Well-structured onboarding process as well as supportive and welcoming colleagues
- Personal learning & development budget as well as German and English language courses
- Good salary for your strong performance
- Unlimited employment contract, flexible working hours and 28 vacation days for your work-life balance
- Company pension plan, partly covered Deutschlandticket (public transport) and access to "Corporate Benefits" voucher platform to ensure your full well-being
- Fun company summer and Christmas parties as well as regular team events
- This role is based in Berlin, and we have a hybrid working policy. Modern office near Uhlandstraße is complete with fresh fruit, muesli and drinks for a comfortable and enjoyable workplace
Requirements
Do you have experience in SDLC?
- Strong communication skills in English (B2+) and German (B1 minimum, B2 preferred)
- Academic degree in Information Security, Cybersecurity, or equivalent field
- 3+ years hands-on experience securing cloud infrastructure (AWS, Azure, GCP); AWS expertise is highly desirable (SecurityHub, IAM, WAF, GuardDuty)
- Solid knowledge of security frameworks such as ISO 270xx, BSI Grundschutz, NIST, SOC2
- Practical experience with cloud security platforms and CSPM/CIEM (Wiz experience is a significant advantage)
- Ability to write and maintain clear technical documentation
- A level of technical expertise that would allow you to evaluate severity and applicability of vulnerabilities and quality of fixes in a cloud environment
- Proven track record with vulnerability management, DAST tools, and penetration testing methodologies (OWASP, PTES)
- Forward-thinking mindset with knowledge of emerging AI security threats (prompt injection, model misuse, data poisoning)
- Relevant certifications (nice-to-have): CISSP, CISM, CISA, ISO 27001 Lead Implementer / Lead Auditor, AWS Security Specialty, BSI Grundschutz Practitioner, AI-related certifications (e.g. Certified AI Security Specialist)
Transparency, Execution, Ownership, Customer Centricity, Innovation and Integrity are important to us and we at PAIR Finance embody these values. Do you find yourself in these values? Then become part of our team and complement us with your individual motivation and character!