Senior ICT Risk Manager / Information Security Officer (ISO) (all genders)

Festanstellung, Vollzeit · Deutschland: Berlin

Your challenge

As our Senior ICT Risk Manager / Information Security Officer (all genders), you will take a leading role in safeguarding the operational and cyber resilience of Hubject Financial Services GmbH (HFS).

In this key position, you act as both the Information Security Officer (ISO) and the ICT Risk Control Function mandated by DORA, operating within the second line of defense. You will work closely with the lead risk management (ZAG MaRisk), the CFO/CRO, and be a permanent member of the Risk Committee, ensuring that ICT and security risks are effectively identified, assessed, and managed across the organization.

Your mission: to continuously strengthen HFS’s security posture, digital resilience, and governance maturity while supporting our growth as a regulated fintech at the intersection of payments and e-mobility.

Why Hubject

We develop ideas and deliver solutions for the eMobility market
We are working on the most important growth topics
We are a international team of very motivated eMobility enthusiasts

AND

We have over plenty of benefits in the following categories:

Food & drinks
Equipment (Laptop etc.)
Learning & Development
Mobility
Work- Life Balance

Hubject Financial Services GmbH was founded in 2024 as a subsidiary of Hubject GmbH. We are a startup consisting of 10 experts covering functions like project, risk and legal management. So, you will naturally support in various topics as part of a small team, learn a lot and contribute to building a new company.

Your Tasks

You take formal responsibility as the Information Security Officer (ISO) and as the ICT Risk Control Function under DORA, overseeing the governance and effectiveness of HFS’s ICT and cyber risk management framework.
You establish, operate, and continuously improve the Information Security Management System (ISMS) in alignment with ISO/IEC 27001, DORA, and company strategy, ensuring appropriate policies, controls, and awareness measures are in place.
You monitor ICT and cyber risks across the institution, review and challenge first-line assessments, and ensure transparent reporting to the Management Board and Risk Committee.
You coordinate the Local Security Incident Response Team (LSIRT) and act as the central contact for information security incidents, ensuring appropriate escalation, documentation, and regulatory notifications.
You ensure that internal ICT and security policies, standards, and documentation are consistent, up to date, and embedded effectively across all departments.
You are responsible for performing and reviewing third-party and ICT-outsourcing risk assessments, ensuring external providers are evaluated and monitored for security and operational resilience in line with DORA and internal standards.
You design and deliver awareness and training programs on information security and ICT risk topics, fostering a strong security and resilience culture across HFS.
You stay informed about emerging regulatory, technological, and threat developments to proactively adapt HFS’s ICT risk and security frameworks to evolving requirements.
You prepare and deliver ICT risk and security reports for internal governance bodies, auditors, and supervisory authorities, ensuring a clear and consistent communication of the institution's ICT risk profile.
You prepare and deliver ICT-risk and security reports for internal governance bodies, auditors, and supervisory authorities, and contribute to audits, BaFin inspections, and Risk Committee meetings by providing clear analyses, professional reporting, and proactive recommendations.
You will work in close coordination with the ISO of Hubject GmbH, ensuring consistent alignment of security and ICT risk management practices across both organizations.

Your Profile

5+ years of professional experience in ICT risk management, information security, or operational resilience, within a financial-services or fintech environment.
Expert knowledge of DORA, ISO/IEC 27001, and information-security best practices.
Experience in establishing, managing, and improving an ISMS, including ICT and third-party-risk control processes.
Analytical, structured, and proactive working style with the ability to connect technical, regulatory, and business perspectives.
You are a problem solver: You proactively contribute to finding pragmatic solutions for real complex problems in regard to information security.
Excellent communication and stakeholder-management skills; confident in engaging with management, auditors, and external partners.
Entrepreneurial, proactive, and comfortable in dynamic, international environments.

Language

Fluent in German and English, written and spoken.

Start date

January 2026

Location

Onsite in Berlin
Hybrid system:

2 days per week at the office, 3 days remote
EUREF Campus in Schöneberg in Berlin - Europe's hotspot for green technology and eMobility

Auf diese Stelle bewerben

About us

Hubject is the market and innovation leader in the eMobility sector. Together with our team, we develop ideas and deliver solutions for the eMobility market. This will become the most important growth topic worldwide in the coming years.
Our vision becomes our mission: We accelerate the EV ecosystem towards a sustainable mobility future.

Our Values are:
We are Curious
We are Ambitious
We are Accountable
We are Inclusive
These four core values shape our collective identity and guide us as we navigate challenges, pursue growth, and make a positive impact in our industry and beyond. We are curious. We are ambitious. We are accountable. We are inclusive.


At Hubject, we are dedicated to building a diverse and inclusive workforce. We welcome candidates of all backgrounds and experiences.

More about us
Hubject simplifies the charging of electric vehicles. Through its eRoaming platform, called intercharge, the eMobility specialist connects Charge Point Operators or CPOs and eMobility Service Providers or EMPs, thus providing standardized access to charging infrastructure regardless of any network.
With over one Million connected charging points and more than 2250 B2B partners across 63 countries and four continents, Hubject has established the world’s largest cross-provider charging network for electric vehicles by connecting CPO networks. In addition, Hubject is a trusted consulting partner in the eMobility market, advising automotive manufacturers, charging providers and other EV-related businesses looking to launch eMobility services or implement Plug&Charge using ISO 15118. In essence, Hubject promotes eMobility and its advancement worldwide.
Founded in 2012, Hubject is a joint venture of the BMW Group, Bosch, EnBW, Enel X, Mercedes-Benz, E.on, Siemens, and the Volkswagen Group. Hubject’s headquarters is located in Berlin, with subsidiaries in Los Angeles and Shanghai.

Auf diese Stelle bewerben

Deine Bewerbung

Wir freuen uns über Dein Interesse an Hubject GmbH. Bitte fülle das folgende kurze Formular aus. Solltest Du Schwierigkeiten mit dem Upload Deiner Daten haben, wende dich gerne per Email an careers@hubject.com.