Job
- Level
- Senior
- Job field
- IT, System, Security
- Employment
- Full-time
- Contract type
- Permanent employment
- Location
- Vienna
- Working model
- Hybrid, Onsite
Job summary
In this position you take responsibility for GRC processes, carry out risk assessments and optimise audits, while implementing and maintaining security policies and controls.
Your role in the team
- As an Information Security Senior Associate, you will drive key parts of our governance, risk, and compliance (GRC) program in a regulated fintech environment.
- You'll own recurring GRC processes end-to-end (such as evidence cycles, control testing, risk workflows), partner with control owners across the business, and help keep us continuously audit-ready.
- Governance & control framework ownership: Own and maintain parts of the ISMS; ensure policies/standards are implemented in a measurable way; support security-by-design governance for new initiatives.
- Assurance & audit execution: Plan and run audit readiness activities (ISO 27001/SOC 2/internal audit/regulatory requests): timelines, evidence plans, stakeholder coordination; review evidence for quality (period coverage, completeness, traceability), challenge gaps, and drive remediation with control owners; draft clear, consistent responses to auditors and internal stakeholders; maintain an action plan and verify closure.
- Risk management: Facilitate risk assessments for systems/projects/vendors with appropriate depth; document outcomes and treatment plans; maintain the risk register quality; identify systemic themes (repeat findings, control weakness patterns) and propose improvements to reduce residual risk.
- Third-party risk & compliance enablement: Lead parts of third-party risk management: due diligence reviews, tracking remediation commitments, and supporting security contractual requirements; partner with Procurement/Legal/Business owners to ensure proportionate security requirements for vendors (especially critical service providers).
- Control testing & continuous improvement: Execute control design/operating effectiveness testing for a defined control set; document results and recommend improvements; produce GRC reporting and metrics for leadership (audit status, overdue actions, risk trends, control health indicators); improve GRC workflows through templates, playbooks, automation, and tooling (where applicable).
What we expect from you
Qualifications
- You're proactive and ownership-driven: you don't wait to be told what's missing; you spot gaps and fix them.
- You can balance rigor with pragmatism, applying controls proportionate to risk and business criticality.
- You write clearly and persuasively, especially when documenting controls, risks, and audit responses.
- You're comfortable challenging constructively; asking 'show me' and improving evidence and control quality without being obstructive.
- You're collaborative and calm under deadline pressure (audits, regulator requests, and escalations).
What we offer
- Flexibility to work where you thrive - Enjoy the freedom of our Hybrid working model, combining onsite collaboration and remote work, with an additional 25 days per year to work from a city or country of your choice.
- Receive a competitive total compensation package aligned with Bitpanda's pay-for-impact policy, including participation in our stock option plan.
- Access confidential coaching, counselling, and mental health resources whenever you need them through OpenUP.
- Take extra time off to rest, reset, and recharge, with 3 additional days off in 2026 to prioritise your wellbeing.
- Grow your skills and stay ahead in your career with unlimited access to Udemy's library of online courses at your own pace.
- Enjoy discounts, rewards, and perks from partners worldwide across lifestyle, wellness, tech, and travel.
- Take advantage of our additional 8 weeks of gender-neutral new parent leave to welcome and bond with your new addition to the family.
- Set up your home office exactly how you want it with a dedicated budget for comfort and productivity.
- Pandas in Vienna, Bucharest, Barcelona, and Berlin can enjoy free onsite dining, with freshly prepared lunches and snacks to keep you fuelled and focused all day long.
- Celebrate milestones and achievements with recognition and rewards for your Tenure at Bitpanda.
- Access exclusive Bitpanda-branded merchandise and gear to represent.
- Join unforgettable company events, from our Winter Party in Vienna to summer gatherings worldwide, fostering fun, connection, and celebration.
Benefits
Health, fitness & fun
Food & drink
Work-life integration
More net pay
This is your employer
Bitpanda GmbH
Vienna
At Bitpanda we believe in the innovative power of cryptocurrencies, digital assets and blockchain technology. Our mission is to break down the barriers to accessing financial resources and to bring traditional financial products into the 21st century. Through our unique approach we have already gained 1.2 million users, and our team consists of more than 270 experts from 44 different countries.
Description
- Company size
- 250+ Employees
- Year founded
- 2014
- Languages
- English
- Company type
- Startup
- Working model
- Full Remote, Hybrid, Onsite
- Industry
- Banking, finance, insurance, internet, IT, telecom