Information Security Manager

• Own and drive the ISO 27001 and DORA implementation programme (priorities, roadmap, milestones, status reporting).
• Perform gap and maturity analyses against DORA, MaRisk, and ISO 27001 and track remediation.
• Manage critical ICT third-party risks in line with DORA (due diligence, contracts, monitoring, exit strategies).
• Maintain and improve security policies, standards, and control documentation.
• Continuously improve ICT risk management (risk assessments, KRIs, registers, treatment plans).
• Define and Manage Security Key Performance indicators and Key Risk Indicators.
• Coordinate internal and external audits and ensure timely closure of findings.
• Prepare regulatory notifications and incident reports and support communication with supervisory authorities.

Job located in Berlin or Paris office, with possibility of two remote working days per week

Do you have experience in Risk management?, * Degree in IT, information security, risk/compliance, or similar.

• Several years' experience in information security or ICT risk management, ideally in a regulated financial environment.
• Practical knowledge of DORA and related frameworks (e.g. ISO 27001 and MaRisk).
• Experience with audits, regulators and GRC/ISMS tools.
• Structured, pragmatic, and confident communicator across technical teams and management.
• You communicate confidently in English (C1). German skills (B2) are a welcomed advantage.

Shine exists to help freelancers and small business owners reclaim the joy of working for themselves. Running a business shouldn't mean drowning in financial admin - it should be inspiring and rewarding. Our app brings banking, invoicing, accounting and admin together in one place, so entrepreneurs can focus on what matters most: growing their business and enjoying the freedom of working for themselves.

We're a multicultural team of over 400 people across France, Germany, Denmark and the Netherlands. By bringing together leading European fintechs like Shine, Kontist and Tellow, we've built a single, intuitive platform designed for simplicity, speed and accuracy ,backed by local, award, winning support.

Your hiring experience matters Just as we respect our customers' time, we respect yours. Your experience with Shine should feel simple, transparent and genuinely supportive. If this sounds like somewhere you want to grow, we'd love to hear from you

At Shine, our Security team operates as a strategic driver rather than a support function. We work directly with leadership to integrate resilience into the company's core, navigating the complex intersection of cloud-native architecture, AI innovation, and rigorous regulatory standards like DORA and ISO 27001. By partnering cross-functionally with Engineering and Risk, we aren't just maintaining a perimeter; we are building a scalable, high-visibility security framework that defines the future of digital operational excellence in the fintech space.