Security Governance, Risk & Compliance (GRC) Manager

Grow with us! Universal Investment is on its way to becoming Europe's leading fund services platform and Super ManCo. We have provided innovative fund solutions for asset managers and institutional investors since 1968. We operate in fund launch locations across Germany, Luxembourg and Ireland. From our offices in Frankfurt, Krakow, Luxembourg, Dublin, Paris and Stockholm, we continue to expand internationally. We are currently looking for entrepreneurial people who want to grow and share in the profits of our success.

We are currently looking for a colleague to join our Group Information Security Department within the Chief Risk Officer organization. We are responsible for managing and coordinating all Second Line of Defense information security and cybersecurity activities across the Group.

Your tasks and responsibilities:

• Design, implement, and operationalize an ISO27001-based ISMS for the group.
• Ensure alignment with DORA regulations and national security compliance requirements across multiple EU jurisdictions.
• Develop and embed a compliance monitoring and measurement framework, including KPIs, KRIs, and SLA alignment between group and local entities.
• Collaborate with first line of defense security and IT teams to build operational security processes and technologies.
• Report on the effectiveness of ISMS controls and compliance directly to the CISO.
• Work closely with risk management, business continuity, and data protection teams as part of the second line of defense.
• Lead security governance forums and ensure proper security risk reporting mechanisms are in place.

Your skills and experience:

• Extensive experience in ISO27001 ISMS implementation and governance.
• Good knowledge of DORA (Digital Operational Resilience Act) and its implications for financial services.
• Ideally, prior experience in EU financial services security governance, risk, and compliance (GRC).
• Expertise in developing and managing security compliance metrics (KPIs/KRIs).
• Experience working with first and second lines of defense in security, IT, and risk functions.
• Strong background in running governance forums and managing regulatory compliance frameworks.
• Excellent stakeholder management skills and the ability to communicate effectively at all levels.

What we offer:

• Private health care and travel insurance
• Life insurance
• Cafeteria Platform and sports package
• Company Pension Benefits – Employee Savings Plan
• Attractive Employee Referral Bonus Program
• Additional day off for charity
• Holiday subsidy („wczasy pod gruszą”)
• Free German language lessons
• Possibility of working from home

The recruiting entity here is Universal-Investment-Gesellschaft mbH