Information Security Officer (m/f/d)

<p><strong>Join the team rewriting the rules in private markets.</strong></p> <p>Moonfare delivers what few others can: the highly sought-after funds and hidden-gem investments that go beyond what most private banks offer. Every opportunity is subjected to a ruthless vetting process; the bar is unforgivingly high. The result? Institutional-quality portfolios for investors who demand more.</p> <p>Our team combines finance veterans with talent from tech, consulting, law and industries you’d never expect. Headquartered in Berlin, we operate from eight offices across Europe, the US and Asia.</p> <p>If you're ready to build what's next in private markets, let's talk.</p> <p><strong>Information Security Officer (m/f/d)</strong></p> <p>As an Information Security Officer, you will be a central figure in our journey to become a BaFin-regulated entity. As part of the 2nd line of defence, you will lead all information security and relevant Governance, Risk, and Compliance (GRC) initiatives. Your primary objective will be to ensure our information security posture is robust, compliant with German and EU regulations, and aligned with our business goals.</p> <p>In this role you will work closely with various departments to embed security into the fabric of our organization.</p> <p><strong>Your Mission:</strong></p> <ul> <li>Lead the company's efforts to achieve and maintain compliance with key information security regulations, including BaFin requirements, DORA, and NIS2.</li> <li>Develop, implement, and maintain the Information Security Management System (ISMS) in accordance with ISO 27001 and other relevant standards.</li> <li>Conduct comprehensive risk assessments and work with control functions to monitor and report on risk mitigation activities.</li> <li>Provide expert guidance to internal teams on information security policies, procedures, and best practices.</li> <li>Oversee internal and external security audits to ensure we meet our compliance goals.</li> <li>Act as the primary point of contact for all information security matters within the licensed entity.</li> <li>Promote continuous employee awareness of Information Security and Data Protection topics.</li> </ul> <p><strong>The next Moonfarian:</strong></p> <ul> <li>Proven experience in a similar Information Security role, preferably within the finance or FinTech industry in the EU, with specific experience in the DACH region.</li> <li>Deep understanding and practical experience with German security regulations and BaFin requirements.</li> <li>Expert knowledge of information security frameworks and regulations such as ISO 27001, DORA, and NIS2.</li> <li>Experience in developing, maintainin