About the role

Information Security Specialist enhancing cloud and AI security posture in fintech. Protecting critical infrastructure and ensuring compliance through security best practices.

Responsibilities

Evaluate and strengthen internal security controls and processes, driving continuous improvement of our Information Security Management System and related policies
Participate in internal and external audits (e.g. ISO 270xx)
Develop and enhance threat models for PAIR Finance resources and services, conducting security risk assessments and defining targeted mitigation strategies based on threat models
Investigate end-to-end information-security incidents and prepare comprehensive reports for management and regulators
Monitor threat intelligence, hacking techniques, and CVEs affecting our AWS and M365 environments
Collaborate with DevOps and Product teams to integrate security throughout the Software Development Lifecycle
Assess both in-house and third-party AI systems for security, compliance, and data protection requirements
Implement AI security frameworks such as NIST AI RMF and OWASP ML/AI Security
Utilize Wiz and similar platforms to identify, prioritize, and remediate cloud security risks (CSPM/CIEM)
Execute vulnerability scans, analyze DAST results, and support penetration testing activities

Strong communication skills in English (B2+) and German (minimum B1, B2 preferred)
Academic degree in Information Security, Cybersecurity, or a related field
3+ years of hands-on experience securing cloud infrastructure (AWS, Azure, GCP); AWS expertise is highly desirable (SecurityHub, IAM, WAF, GuardDuty)
Solid knowledge of security frameworks such as ISO 270xx, BSI Grundschutz, NIST, SOC2
Practical experience with cloud security platforms and CSPM/CIEM (Wiz experience is a significant advantage)
Ability to write and maintain clear technical documentation
Technical expertise to evaluate the severity and applicability of vulnerabilities and the quality of fixes in a cloud environment
Proven track record with vulnerability management, DAST tools, and penetration testing methodologies (OWASP, PTES)
Forward-thinking mindset with knowledge of emerging AI security threats (prompt injection, model misuse, data poisoning)
Relevant certifications (nice-to-have): CISSP, CISM, CISA, ISO 27001 Lead Implementer / Lead Auditor, AWS Security Specialty, BSI Grundschutz Practitioner, AI-related certifications (e.g. Certified AI Security Specialist)

Thriving, financially stable company
Strong, experienced international team to support and mentor you, with a smooth onboarding process
International team of 30+ nationalities with professionals and experts
Flat hierarchy, transparent and appreciative feedback culture, monthly all-hands meetings, annual feedback and evaluation cycle, regular 1:1s with your lead
Well-structured onboarding process and supportive, welcoming colleagues
Personal learning & development budget, plus German and English language courses
Competitive salary reflecting strong performance
Permanent contract, flexible working hours, and 28 vacation days to support your work–life balance
Company pension plan, partially subsidized Deutschlandticket (public transport), and access to the “Corporate Benefits” voucher platform to support your well-being
Fun company summer and Christmas parties, plus regular team events