Jobless Developer
ppro

Posted 2 months ago

Open

Information Security Analyst (GRC Focus)

Berlin | On-site | Full-time

AI Summary

Information Security Analyst focused on GRC to evolve ISMS, risk management, and vendor due diligence in a modern, API-first payments company.

About this role

At PPRO, our mission is to simplify access to local payment methods and our vision is to enable the sale of goods and services to anyone in the world using their preferred way to pay. We empower partners such as Ant Group, PayPal and Stripe to access new markets, connect with more customers, and accelerate their growth.

Our strength lies in our diverse global team with 50+ nationalities and 10+ international locations, all united around one goal: to deliver the best possible products and services to our partners and customers. While our company mission is to keep innovating global commerce, our internal mission is to #chooseaction, #beopen, #thinkcustomer, #gofurther and #wintogether.

The Purpose:

The payments ecosystem is evolving quickly and PPRO is at the heart of this transformation, with trust and security enabling us to move fast, safely. We’re looking for an Information Security Analyst to help us evolve what great Governance, Risk, and Compliance (GRC) looks like in a modern, API-first global payments company.
You’ll be helping us build a living, breathing system of trust based on streamlined automation and continuous compliance. If you have a passion for ISO frameworks, an innovative, problem-solving mindset and a drive to automate, simplify and challenge the status quo, you’ll thrive in this exciting role!

What you’ll do:

  • Evolve the Information Security Management System (ISMS): support and continuously improve PPRO’s Information Security Management System, aligned to ISO/IEC 27001:2022. You’ll independently manage our ISMS to ensure it stays relevant, practical and scales with our growth.
  • Audit & assurance innovation: play a key role in the ISO certification lifecycle, proactively finding ways to integrate continuous control monitoring and automated assurance, leveraging tools like Vanta.
  • Embed native security: collaborate cross-functionally with Engineering and Product teams, working to embed controls seamlessly into daily workflows.
  • Proactive risk management: actively identify risks, maintain the risk register and drive meaningful risk treatment. You’ll connect your day-to-day work with PPRO’s overall strategy, focusing on the effectiveness of controls rather than checkbox compliance.
  • Customer-centric due diligence: support vendor security reviews and customer due diligence, continually considering the customer’s perspective in your decision-making, helping to build trust both internally and externally.
  • Modernise security awareness: design and deliver engaging, data-informed security education and awareness campaigns that change behaviour and cultivate a proactive, security-first culture across PPRO.
  • Champion continuous improvement: continuously challenge the status quo, suggesting innovative ideas for automation and experimenting with new technologies (including AI) to enhance risk insight and evidence collection.

What makes you a great fit:

  • Core experience: solid, hands-on experience supporting or running an ISMS aligned to ISO/IEC 27001:2022, along with practical exposure to audits, risk management and control testing.
  • Engineering mindset: you look at manual, repetitive compliance tasks and immediately think about how to automate or streamline them. Familiarity with automation platforms, scripting, or tools like Vanta is a massive plus.
  • Exceptional ownership: you approach your work with a commitment to excellence. You manage your time effectively, anticipate issues before they arise and decide independently how to approach task-related challenges.
  • Nuanced communication: you’re comfortable adapting your communication style to engage different stakeholders, translating complex security concepts into actionable, pragmatic insights for developers and business leaders alike, and building empathy and shared understanding.
  • Curiosity and adaptability: you’re enthusiastic about acquiring new skills and happy to step out of your comfort zone and adjust ways of working to accommodate team needs in a dynamic environment.
  • Business acumen: you understand the fintech/payments market and competitors, meaning you balance security risks with business reality and speed.

Skills:

Audits, Automation Tooling, Compliance Automation, Continuous Monitoring, Control Testing, ISMS Management, ISO/IEC 27001, ISO/IEC 27001:2022, Risk Management, Risk Register, Scripting, Security Awareness Programs, Security Governance, Vanta, Vendor Security Reviews