Information Security Officer

As an Information Security Officer, you will be a central figure in our journey to become a BaFin-regulated entity. As part of the 2nd line of defence, you will lead all information security and relevant Governance, Risk, and Compliance (GRC) initiatives. Your primary objective will be to ensure our information security posture is robust, compliant with German and EU regulations, and aligned with our business goals.

In this role you will work closely with various departments to embed security into the fabric of our organization., * Lead the company's efforts to achieve and maintain compliance with key information security regulations, including BaFin requirements, DORA, and NIS2.

• Develop, implement, and maintain the Information Security Management System (ISMS) in accordance with ISO 27001 and other relevant standards.
• Conduct comprehensive risk assessments and work with control functions to monitor and report on risk mitigation activities.
• Provide expert guidance to internal teams on information security policies, procedures, and best practices.
• Oversee internal and external security audits to ensure we meet our compliance goals.
• Act as the primary point of contact for all information security matters within the licensed entity.
• Promote continuous employee awareness of Information Security and Data Protection topics., * Ownership: All team members are empowered to bring ideas, make decisions, and have an impact. Participate in our equity program and share in our success.
• Transparency: Everyone at Moonfare is regularly updated on strategic progress, KPI tracking, product updates, and changes.
• Growth: Not only will you grow in your role, but you also have access to an individual growth budget of €1,500 or 2% of base salary (whichever is higher).

Do you have experience in Information security?, * Proven experience in a similar Information Security role, preferably within the finance or FinTech industry in the EU, with specific experience in the DACH region.

• Deep understanding and practical experience with German security regulations and BaFin requirements.
• Expert knowledge of information security frameworks and regulations such as ISO 27001, DORA, and NIS2.
• Experience in developing, maintaining, and implementing an ISMS, leading to successful certification (e.g., ISO 27001).
• A background in Software Engineering or Computer Science is beneficial.
• Industry-recognized certifications such as CISM, CISA, ISO 27001 Lead Auditor/Implementer, or SANS/GIAC certifications (e.g. GSLC, GISP) are highly desirable.
• Excellent communication skills with full professional proficiency in English, working proficiency in German is desirable.

Moonfare delivers what few others can: the highly sought-after funds and hidden-gem investments that go beyond what most private banks offer. Every opportunity is subjected to a ruthless vetting process; the bar is unforgivingly high. The result? Institutional-quality portfolios for investors who demand more. Our team combines finance veterans with talent from tech, consulting, law and industries you'd never expect. Headquartered in Berlin, we operate from eight offices across Europe, the US and Asia. If you're ready to build what's next in private markets, let's talk., * Client-Centric Focus: Our clients come first, Moonfare comes second, and we prioritise ourselves third. Putting clients first means creating value for them is essential. Placing Moonfare second signifies that our individual professional future at Moonfare depends on the company's commercial success. Prioritising ourselves third reflects our humility in putting clients and Moonfare before personal interests. * Commitment to Excellence: We pursue excellence and honor our promises. We hold ourselves to the highest standards, taking responsibility for our failures, and celebrating our successes. We commit to deadlines and stick to them and we learn from our mistakes. * Win together: We are here to win and to celebrate our collective achievements. We are mission-focused and think and act like owners. We exemplify the attitude we expect and each of us commits to do what it takes to succeed. * Growth and Merit: We foster personal growth but each of us earns our place as a Moonfarian through merit. We hire, retain, and develop exceptional people and invest in empowering them to excel. We must all earn our place at the table every day.