Information Security Internal Audit Jobs in Berlin

What you’ll do:

• Evolve the Information Security Management System (ISMS): support and continuously improve PPRO’s Information Security Management System, aligned to ISO/IEC 27001:202). You’ll independently manage our ISMS to ensure it stays relevant, practical and scales with our growth.
• Audit & assurance innovation: play a key role in the ISO certification lifecycle, proactively finding ways to integrate continuous control monitoring and automated assurance, leveraging tools like Vanta.
• Embed native security: collaborate cross-functionally with Engineering and Product teams, working to embed controls seamlessly into daily workflows.
• Proactive risk management: actively identify risks, maintain the risk register and drive meaningful risk treatment. You ’ll connect your day-to-day work with PPRO’s overall strategy, focusing on the effectiveness of controls rather than checkbox compliance.
• Customer-centric due diligence: support vendor security reviews and customer due diligence, continually considering the customer’s perspective in your decision-making, helping to build trust both internally and externally.
• Modernise security awareness: design and deliver engaging, data-informed security education and awareness campaigns that change behaviour and cultivate a proactive, security-first culture across PPRO.
• Champion continuous improvement: continuously challenge the status quo, suggesting innovative ideas for automation and experiment with new technologies (including AI) to enhance risk insight and evidence collection.

What makes you a great fit:

• Core experience: solid, hands-on experience supporting or running an ISMS aligned to ISO/IEC 27001:2022, along with practical exposure to audits, risk management and control testing.
• Engineering mindset: you look at manual, repetitive compliance tasks and immediately think about how to automate or streamline them. Familiarity with automation platforms, scripting, or tools like Vanta is a massive plus.
• Exceptional ownership: you approach your work with a commitment to excellence. You manage your time effectively, anticipate issues before they arise and decide independently how to approach task-related challenges.
• Nuanced communication: you’re comfortable adapting your communication style to engage different stakeholders, translating complex security concepts into actionable, pragmatic insights for developers and business leaders alike, and building empathy and shared understanding.
• Curiosity and adaptability: you’re enthusiastic about acquiring new skills and happy to step out of your comfort zone and adjust ways of working to accommodate team needs in a dynamic environment.
• Business acumen: you understand the fintech/payments market and competitors, meaning you balance security risks with business reality and speed.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please refer to our Candidate Privacy Policy - https://www.ppro.com/candidate-privacy-policy/