Information Risk Manager (m/f/d)
Solvd GroupGermany14 days ago
Full-timeInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Your tasks
- Build and run the Solvd Group IRM system in line with the CTO Governance Framework: define policy, processes, controls, RACI, metrics, and reporting across all companies.
- Select, implement, and own the IRM/GRC tool (configuration, data model, workflows, integrations, access, administration).
- Lead the annual risk/self-assessment cycle; maintain the group risk register and KRIs; deliver quarterly BoM reporting.
- Deliver assurance: drive ISO 27001 for the group and SOC 2 for selected customer-facing services; host audits; manage evidence; close findings.
- Build and lead a small IRM shared-service team; coach local IRM/IT-Gov contacts; standardize methods and templates.
- Embed risk in projects/changes and major-incident reviews; coordinate with ITSM, IAM, TPRM, and ITSCM (RTO/RPO, DR tests).
- Support customer assurance (security questionnaires/RFPs) with reusable evidence packs; act as single escalation/reporting point on IRM topics.
Required skills / qualifications
- Requires at least 3 years’ professional experience in IT governance or risk management, ideally with a focus on Information Risk Management (IRM).
- Proven experience building and operating a lean IRM/ISMS in a comparable firm—ideally an ICT provider serving regulated customers.
- Track record delivering ISO 27001 certification and running an ISMS; experience with SOC 2 attestations.
- Technical IT background with broad understanding of systems, security, networks, cloud computing, and the software development lifecycle; able to challenge engineers constructively.
- Strong audit/control-testing and evidence management; closes findings across multiple teams.
- Hands-on with GRC/IRM tooling (selection, implementation, administration, reporting); data-driven metrics/KRI reporting.
- Excellent stakeholder skills; balances compliance goals with budgets and portfolio-company realities (pragmatic proportionality).
- People leadership: hiring, coaching, and developing a small, high-impact team.
- Certifications a plus: ISO 27001 Lead Implementer/Auditor, CISM/CISSP/CRISC/CISA, ITIL.
- Knowledge of Allianz frameworks is a plus
We offer
- A highly talented, dynamic, and international team
- Opportunity to make an impact in a global company
- Flexible working arrangements
- Health & well-being offerings
- Company pension & health insurance
- ...
Key Skills
Ranked by relevanceReady to apply?
Join Solvd Group and take your career to the next level!
Application takes less than 5 minutes