View Jobs

ICT Risk Manager Location: Prague / Hybrid Our client is seeking an ICT Risk Manager to join a Second Line of Defence function, supporting technology risk governance, oversight and regulatory compliance activities within a regulated environment. Key Responsibilities: Provide independent oversight of ICT, cyber and technology-related risks. Review and challenge risk assessments, controls and remediation activities. Support the development and enhancement of ICT risk frameworks and governance processes. Monitor technology, security, outsourcing and operational resilience risks. Contribute to regulatory compliance and risk reporting activities. Support third-party and vendor risk oversight initiatives. Collaborate with stakeholders across risk, technology, security and business functions. Your Profile: Several years of experience within ICT risk, technology risk, cyber risk or operational risk environments. Understanding of risk governance and Second Line of Defence responsibilities. Experience within banking, financial services or another regulated environment. Knowledge of ICT risk management, operational resilience and regulatory frameworks. Strong analytical, communication and stakeholder management skills. Relevant certifications such as CRISC, CISA or CISSP would be advantageous. Fluent English language skills. What’s on Offer? Opportunity to work within an international and regulated environment. Exposure to technology risk, resilience and governance initiatives. Flexible hybrid working model. Long-term development and progression opportunities.

Director, ICT Risk and Security Reporting Most technology risk reporting roles exist to document what's already happened. This one exists to shape what happens next. The Opportunity This is a newly created Director-level position within the Risk function of one of Europe's leading international banks. You'll be joining at the point where the function is being built, not inherited, which means you'll have genuine influence over how ICT risk and security reporting is structured, governed, and matured from the ground up. The regulatory environment is as complex as it gets right now: DORA is live, EBA ICT guidelines are evolving, and banks are under real scrutiny on operational resilience. You'll be working at the centre of all of it, translating technical and cyber risk into intelligence that drives decisions at board and executive level. Critically, this isn't a back-seat reporting role. You'll be expected to challenge the first line, push back where data quality or risk transparency falls short, and bring an architectural view of technology risk that goes beyond compliance checklists. The business wants someone with enough credibility and backbone to be genuinely heard. There is a clear path upward for the right person. This is a role you can grow into a broader leadership position, in a bank that operates at international scale. The Role Own and evolve the ICT Risk and Security reporting framework across the bank Deliver board-level, executive, and risk committee reporting on technology and cyber risk Translate complex technical and security risk data into clear, actionable business narratives Develop risk metrics, KRIs, dashboards, and management information across ICT and cyber domains Identify emerging risks and systemic themes across technology, cyber, resilience, and third-party environments Challenge the first line on data quality, risk transparency, and governance consistency Support regulatory and governance obligations including DORA and EBA ICT guidelines Drive continuous improvement in reporting automation, data visualisation, and risk analytics Partner with senior stakeholders across Technology, Cyber Security, Risk, Compliance, and Internal Audit What You'll Need Significant experience in ICT Risk, Technology Risk, Cyber Risk, or Information Security Governance, ideally within banking or regulated financial services An architectural view of technology risk, with the ability to identify systemic issues, not just point-in-time findings Proven experience producing board-facing or executive-level risk reporting Strong working knowledge of DORA, EBA ICT guidelines, and operational resilience frameworks The credibility and confidence to challenge senior stakeholders and first-line teams Exceptional ability to communicate complex risk information clearly to non-technical audiences Relevant certifications such as CISA, CRISC, CISSP, or CGEIT are advantageous Fluent English required What's on Offer Competitive compensation package commensurate with Director-level seniority Company pension scheme and comprehensive risk coverage including accident insurance Car leasing and bike leasing schemes with tax advantages IT device leasing for personal use Hybrid working model based in Prague Clear scope for progression within an international banking group How to Apply Apply via the link below. Your CV doesn't need to be perfect, send what you have and we'll take it from there. If you'd prefer a conversation before committing to anything, just give us a call.

Security Analyst Location: Munich Our client is seeking a Security Analyst to support security testing and research activities across embedded and hardware-focused technology environments. This role focuses on vulnerability analysis, embedded software security and the evaluation of advanced security concepts within modern product ecosystems. Key Responsibilities: Perform security assessments and vulnerability analysis for embedded systems and connected devices. Support hardware and software-focused security testing activities. Contribute to security reviews, technical evaluations and risk assessments. Assist with the development of security testing methods and analysis techniques. Collaborate with international engineering and research teams on security-related initiatives. Support internal knowledge sharing and technical consulting activities. Evaluate emerging technologies and approaches related to embedded and product security. Your Profile: Degree in Computer Science, Engineering or a related technical field. Experience within embedded systems, security testing or security research environments. Understanding of embedded software, hardware security or cryptographic concepts. Familiarity with vulnerability analysis and security assessment methodologies. Experience with programming languages such as C, Java or low-level technologies would be advantageous. Strong analytical and troubleshooting skills. Collaborative and solution-oriented working style. Fluent German and English language skills. What’s on Offer? Opportunity to work on advanced security and embedded technology topics. International and collaborative working environment. Flexible hybrid working model. Long-term technical development opportunities.

**Freelance SAP BTP Technical Architect - Public Cloud** MAM Gruppe is recruiting a Freelance SAP BTP Technical Architect on behalf of a German enterprise client building cloud-native, AI-enabled SaaS on the SAP stack. **About the role** As Technical Architect - Public Cloud, you are responsible for the technical design of our cloud-native product line based on modern Node.js architectures. You shape a scalable, AI-integrated platform architecture and ensure that our public cloud products are high-performance, modular, and future-proof. **Responsibilities** • Design of microservices architectures, API-first and event-driven concepts • Definition of service boundaries, data flows and integration patterns • Ensuring multi-tenant capability across the product line • Technical architecture for AI features within defined guardrails • Integration of LLMs and AI services with performance and cost optimisation • Collaboration with infrastructure and deployment engineers • Creation of HLD, SDD and TDD up to epic level • Technical review and sign-off responsibility in the architecture forum **Required experience** • Several years as a Technical or Solution Architect in Cloud-Native environments • SAP CAP (Node.js / CDS) hands-on • S/4HANA Public Cloud Side-by-Side Extensions, Clean Core OData APIs • SAP Business Events, Event Mesh, event-driven architecture • Multi-tenant architecture, Cloud Foundry / Kyma, XSUAA / IAS / IPS • Strong understanding of microservices and API architectures • Architecture documentation ownership (HLD, SDD, TDD) **Strongly preferred** • AI / LLM integration in product (SAP AI Core, LangChain, LangGraph, RAG) • HANA Cloud (HDI, Vector Engine) • CI/CD in SAP environments   **Engagement** • Start: ASAP • Duration: 6 months with likely extension • Location: DACH, hybrid • Language: English primary, German a plus **Why apply through MAM Gruppe** Every CV is screened by hand - no automated filtering. Every shortlisted candidate is qualified by phone or video before submission to the client. 20+ years personally in DACH freelance and contract IT recruitment.   Apply via LinkedIn or send your CV directly to richard.brady@mamgruppe.com.

Freelance Dremio Data Operations Engineer - Long-term, Remote + Heilbronn We're recruiting for a Data Application Operations Engineer to support and maintain a Dremio-based data platform The role: Operations-focused: monitoring platform stability, resolving incidents, troubleshooting data loads and queries, supporting onboarding of new departments and Dremio spaces, collaborating with platform and infrastructure teams. Required: Hands-on Dremio operations / administration experience Application operations and production support mindset Strong troubleshooting and incident handling SQL and general data platform understanding Basic understanding of Ab Initio processes Nice to have: STACKIT or cloud platform exposure Experience in enterprise or regulated environments Modern Lakehouse architecture understanding Engagement details: Start: ASAP Duration: 1+ years (long-term assignment) Location: Remote, with 4 days per month on-site in Heilbronn (consecutive, same week) Language: English primary, German a plus Rate: €85–95/hr Apply Please send your CV in English or German. Every applicant is screened personally - no automated filtering. Pre-qualification by phone or video before any submission to the client. Send your profile along to richard.brady@mamgruppe.com  

Senior Manager Information Security - Second Line of Defence Location: Frankfurt / Hybrid Our client is seeking a Senior Manager Information Security to support security governance, risk oversight and regulatory compliance activities within a highly regulated environment. This role sits within the Second Line of Defence and focuses on strengthening information security frameworks, controls and oversight processes across the organisation. Key Responsibilities: Support and oversee information security governance and risk management activities. Provide independent oversight and challenge of security controls and risk practices. Maintain and enhance security policies, standards and governance frameworks. Support risk assessments, control reviews and remediation activities. Collaborate with technology, risk, audit and compliance stakeholders. Monitor regulatory developments, emerging threats and security-related risks. Prepare reporting and presentations for senior stakeholders and governance committees. Contribute to operational resilience and third-party security oversight initiatives. Your Profile: Extensive experience within information security, cyber risk or technology risk environments. Strong background in security governance, risk oversight or Second Line of Defence functions. Understanding of regulatory frameworks and security standards within regulated environments. Knowledge of information security controls, operational resilience and cloud security governance. Strong stakeholder management and communication skills. Relevant certifications such as CISSP, CISM or CRISC would be advantageous. Fluent German and English language skills. What’s on Offer? Senior-level role within a complex and regulated environment. Exposure to security governance and risk management initiatives. Flexible hybrid working model. Long-term development and progression opportunities.