DZ HYP | Germany | 22xxx, 21xxx, 20xxx Hamburg | Permanent position | Full time / Home office | Published since: 05.02.2026 on stepstone.de
Speaker for digital operational resilience with a focus on third-party procurement management (m/f/d)
We are around 900 employees in a leading real estate bank. Every year we are moving projects worth several billion euros across Germany, from residential buildings to quarter development. We are doing great things together – with open doors, short paths and a lot of self-responsibility. In our role as 2nd Line of Defense, we are responsible for the third-party risk management process and the further development of our third-party risk, information security and emergency and crisis management of the DZ HYP. Our focus? Ensure that regulatory requirements such as DORA and MaRisk as well as group-specific standards are not only complied with, but also implemented effectively and risk-consciously. As part of the central risk control function, we think and act forward-looking – and we need you for that! !
* After clicking the Read more button, the original advert will open on our partner's website, where you can see the details of this vacancy and contact information. If you need a translation of this text, after returning to our website it will be prepared and you can read it by clicking the Show full translation button.
Your tasks • Your profile • What we offer
Strategic development of the ICT risk management framework according to DORA, focusing on ICT third-reference management and outsourcing management according to EBA and BaFin requirements Integration of third-party risks into central risk management Monitoring and evaluation of legal and supervisory regulations as well as group-specific requirements and derivation and creation of internal requirements coordination and verification of the risk analysis carried out by the relevant areas in accordance with MaRisk AT 9 or Risk assessment according to DORA Coordination and implementation of controls and effectiveness checks Creation and maintenance of complete documentation of outsourcing and third-party ICT references (disposal/information registers)
A completed study of economics, (economic) informatics, legal sciences or a related course of studies or comparable training and further education forms the basis for your success with us. You already bring professional experience in third-party access management or third-party risk management – the rest can be learned. Ideally, you have additionally gained practical experience in the provider management of the 1st Line of Defense or know you with risk management systems. You are strong in translating regulatory requirements and corporate standards into company-specific guidelines, accompanying their implementation and monitoring the success of corresponding KPIs. You have a high degree of initiative, coupled with a careful and solution-oriented approach. Trust, reliability and understanding are values that characterize you. Communication: You can clearly and convincingly share information – whether to colleagues, decision makers: inside or outside partners.
Top city location in Hamburg Various training opportunities, both professional and personal Flexible working time design with the possibility of mobile work 30 days holiday and additionally Sabbatical as well as salary change possible on holiday Attractive remuneration and social benefits, such as asset-effective benefits and occupational pensions Strongly discounted Germany ticket Varied food in the in-house restaurant Granted Wellpass membership, numerous business sports and occupational health management
Location
 | DZ HYP | |
| Hamburg | ||
| Germany |
The text of this ad was translated from German into English using an automatic translation system and may contain semantic and lexical errors. Therefore, it should be used for introductory purposes only. For more detailed information, see the original text of the ad at the link below.
For more information read the original ad