ICT Risk Manager

September 12

Apply Now

Receive Emails with Similar Jobs

Sport Alliance GmbH

WebsiteLinkedInAll Job Openings

eCommerce • Healthcare Insurance • Wellness

Sport Alliance GmbH is a leading provider of digital solutions for the fitness industry, specializing in gym and membership management software. The company transforms fitness and training operations by offering tailored solutions for various fitness facilities, from small gyms to large franchises across Europe. With their ecosystem of brands, including PerfectGym and Magicline, Sport Alliance delivers robust cloud-based management software and financial services to enhance the efficiency of fitness businesses globally.

201 - 500 employees

Founded 2011

🛍️ eCommerce

⚕️ Healthcare Insurance

🧘 Wellness

💰 Private Equity Round on 2021-08

📋 Description

• Act as the second line of defence by challenging the CISO, IT Security Architect, DevSecOps Team and Business Units on ICT control adequacy and risk appetite alignment • Consolidate insights from quarterly ICT risk inventories, incident summaries, and vendor risk reports into actionable recommendations • Oversee ICT risk assessment processes and ensure alignment with regulatory frameworks such as DORA, EBA, and GDPR • Partner with Incident Response, Vendor Risk, and Security Testing teams to assess, escalate, and remediate ICT risks • Prepare and deliver consolidated ICT risk reports for executive leadership, Head Risk, and Management • Support ongoing improvement of ICT governance processes, including risk identification, monitoring, and reporting • Ensure ICT risk management practices remain robust against evolving threats and emerging technologies

🎯 Requirements

• Bachelor’s degree in Information Security, Risk Management, Computer Science, or related field • Minimum 3+ years of ICT risk management experience within financial services or FinTech • Strong knowledge of risk frameworks (e.g., ISO 27005, NIST, COBIT) and regulatory requirements (e.g., EBA outsourcing guidelines, DORA, GDPR) • Experience with incident response processes, ICT vendor risk oversight, and ICT governance reporting • Excellent stakeholder management skills with the ability to challenge senior leaders constructively • Fluent English (C1) and good German (B2) skills • Professional certification (e.g., CISM, CRISC, CISSP, CISA) is a plus • Familiarity with cloud computing risks, encryption, DevOps environments, and API-driven financial platforms is a plus • Experience consolidating multi-source ICT risk inputs into executive-level reporting is a plus • Understanding of emerging financial technologies such as blockchain, AI, and digital identity is a plus

🏖️ Benefits

• 100% remote work within Germany / home office within Germany possible • 30 days annual leave • Offices with flexible workplaces in Hamburg, Eisenstadt, Warsaw, and Melbourne equipped with drinks & snacks • Exclusive gym next to the Hamburg office (free use) including personal coach for training and nutrition, available to all employees worldwide • CashBack Sport program "Move Republic" rewarding daily and sporting activities in Germany • Above average pension grant for company pension scheme ("bAV") in Germany or Austria • Access to Udemy Business – thousands of online courses for professional development • Access to employee benefits portal with shopping deals in Germany and Austria • Subsidy for the "Deutschlandticket" (local transport subscription) • Direct communication channels, open feedback culture, and pronounced appreciation across the company