
Parloa · Berlin Office; Remotely in Germany
ABOUT PARLOA Parloa’s mission is to make every customer conversation feel effortless for both customers and the companies serving them. As agentic AI accelerat...
Parloa’s mission is to make every customer conversation feel effortless for both customers and the companies serving them. As
agentic AI accelerates, Parloans are shaping the foundation of a new era in customer experience, one where customer support is no
longer transactions, but meaningful exchanges. It is not just a vision; Parloa has powered over ONE BILLION interactions between
global enterprise brands and their customers, with companies like Booking.com, HealthEquity, Allianz, SAP, BarmeniaGothaer, and
TUI already deploying Parloa at scale.
Parloa is building the AI platform that enterprises trust with their most important conversations. That trust starts with security
— and we need someone to own it entirely.
As Director of Security, you won't just manage a team. You'll shape how a fast-scaling AI company thinks about security from the
ground up: building the strategy, the culture, and the systems that protect our platform, our customers, and the data they entrust
to us. You'll lead our SecOps team within Tech Platform, partner across IS&T and Internal IT, and be the person our customers look
to when they need confidence that Parloa takes security as seriously as they do.
This is a builder role. If you want to define what security looks like at an AI-native company — not inherit someone else's
playbook — this is it.
fast-growing AI platform.
is every engineer's responsibility.
architectural security reviews into engineering workflows, enabling velocity without compromising safety.
leading incident investigations, containment, and postmortems with technical rigor.
management, and infrastructure-as-code security.
diligence, and translating technical posture into customer confidence.
handling across the platform.
where product and corporate security intersect, without duplicating ownership.
platform company.
sleeves when it matters.
security left without slowing engineering down.
response in production environments.
customers, and dive into technical detail with engineers.
audits and customer security reviews, even if GRC ownership sits elsewhere.
risk is what counts.
At Parloa, we hire, promote, and evaluate based on cultural and technical excellence. You’ll thrive here if you:
Recruiter video call → Technical Peer Interview → Expert interview(s) → Bar Raiser
We’re at the beginning of a new era in customer experience, one where AI doesn’t just respond, but understands, reasons, and takes
action. We’re building agentic AI that enterprises trust with their most important customer moments: complex questions, high
volumes, real stakes. When millions of people reach out to a brand, those interactions aren’t just support tickets; they’re
defining experiences. We’re here to raise the standard: making every conversation seamless, intelligent, and genuinely helpful. If
you care about shaping how businesses and customers connect at scale—and want your work to matter in real, everyday moments—this
is where you do it.
At Parloa, ownership isn’t a buzzword; it means being accountable for outcomes, not just tasks. We operate in a category that’s
evolving fast, where the bar is high, and the problems are complex. We hire people who think in solutions, communicate with
clarity, and follow through. People who are comfortable making decisions, taking responsibility, and raising the standard for
themselves and those around them.
We’ve grown beyond the earliest startup phase, but we’ve kept the intensity: fast execution, direct feedback, and a strong
expectation to contribute meaningfully from day one.
Backed by leading global investors like General Catalyst, EQT Ventures, and Altimeter Capital, we’re scaling with a clear
ambition: to become the global category leader in enterprise-grade conversational AI.
Parloa is committed to upholding the highest data protection standards for our clients' and employees' data. All our employees are
instrumental in ensuring the utmost care, GDPR, and ISO compliance, including ISO 27001, in handling sensitive information.
Parloa is an e-verify employer in the USA. Please click here to learn more.
origin, disability status, socioeconomic background and other characteristics.
Company Introduction We exist to wow our customers. We know we’re doing the right thing when we hear our customers say, “How did we ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we’re collectively disrupting the multi-billiondollar e-commerce industry from the ground up. We are one of the fastest-growing ecommerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce. We are proud to have the best of both worlds — a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurial surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day. Our mission to build the future of commerce is real. We push the boundaries of what’s possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world. Job Overview The Director of Data Security Engineering is responsible for defining and executing the organization’s data protection strategy, ensuring the confidentiality, integrity, and availability of sensitive data across all environments. This leader will build and scale a modern data security engineering program, driving innovations in data protection technologies, automation, and zero trust practices to safeguard enterprise and customer data. This role partners closely with security architecture, privacy, engineering, legal, and business stakeholders to operationalize data security across cloud, SaaS, and on-premises ecosystems. Key Responsibilities Responsibilities will include, but not be limited to, the following: STRATEGY & LEADERSHIP * Define and execute the enterprise data security strategy aligned with business objectives and risk posture. * Build, lead, and mentor a high-performing data security engineering team. * Establish multi-year roadmaps for data protection capabilities (e.g., data discovery, classification, encryption, DLP). * Act as a subject matter expert and executive advisor on data security risks and controls. DATA PROTECTION ENGINEERING * Design and implement scalable controls for: * Data discovery, classification, and labeling * Data Loss Prevention (DLP) across endpoints, networks, SaaS, and cloud * Encryption and key management (at rest, in transit, in use) * Tokenization, masking, and anonymization * Lead engineering efforts for securing structured and unstructured data across: * Cloud platforms (AWS, Azure, GCP) * SaaS applications (M365, Salesforce, etc.) * Data platforms (databases, data lakes, warehouses) CLOUD & MODERN DATA SECURITY * Drive security integration into modern data architectures (data lakes, AI/ML pipelines, GenAI systems). * Implement and mature Zero Trust data access models. * Ensure secure data usage in analytics, APIs, and distributed systems. RISK, COMPLIANCE & PRIVACY ALIGNMENT * Align data security controls with regulatory and compliance frameworks * Partner with Privacy and Legal teams to embed privacy-by-design and data minimization principles. * Support audit readiness and remediation efforts related to data protection. THREAT PROTECTION & INCIDENT RESPONSE * Collaborate with threat detection & response teams to identify and mitigate data exfiltration risks. * Develop controls and telemetry to detect insider threats and anomalous data access. * Lead post-incident reviews related to data security breaches. STAKEHOLDER COLLABORATION * Work cross-functionally with: * Security Architecture & Platform Engineering * Application & Infrastructure Engineering * Data Engineering & Analytics teams * Legal, Compliance, and Privacy teams * Communicate risks, strategies, and program maturity to executive leadership. Essential Requirements * 10–15+ years of experience in cybersecurity, with significant focus on data security. * 5+ years in a leadership role managing security engineering teams. * Deep expertise in: * Data security technologies (DLP, DSPM, encryption, key management) * Cloud-native security (AWS, Azure, GCP) * Data platforms (Snowflake, Databricks, BigQuery, etc.) * Strong understanding of: * Zero Trust principles * Identity and access management (IAM, RBAC/ABAC) * Secure data architecture patterns * Experience implementing security in CI/CD and DevSecOps environments. * Familiarity with regulatory frameworks and data protection laws. * Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred). Preferred Requirements * Experience with Data Security Posture Management (DSPM) tools. * Background in privacy engineering or working closely with CPO organizations. * Knowledge of modern risks related to AI/GenAI and data leakage. * Industry certifications (CISSP, CISM, CCSP, etc.). * Experience in large-scale enterprise or highly regulated environments. * Strategic thinking with strong execution focus * Deep technical expertise balanced with business acumen * Strong leadership and team-building skills * Excellent communication and stakeholder management * Problem-solving in complex, distributed environments Recruitment Process & Others Recruitment Process * Application Review - Phone Interview - Onsite (or Virtual Onsite) Interview – Offer * The exact nature of the recruitment process may vary according to the specific job and may be changed due to scheduling or other circumstances. * Interview schedules and the results will be informed to the applicant via the e-mail address submitted at the application stage. Details to Consider * This job posting may be closed prior to the stated end date for application if all openings are filled. * Coupang has the right to rescind an offer of employment if a candidate is found to have submitted false information as part of the application process. * Coupang does not discriminate against disabled applicants or those with veteran status. We are proud to offer equal opportunities for all applicants. * Job titles and responsibilities may be subject to change depending on the candidate’s overall experience, etc. This will be communicated to the candidate at the appropriate time before the offer. Privacy Notice * Your personal information will be collected and managed by Coupang as stated in the Application Privacy Notice located below. * https://www.coupang.jobs/en/privacy-policy/ Document Return Policy * This notification is given pursuant to Article 11 (6) of the Fair Hiring Procedure Act. * A job applicant, who has applied but not been finally selected for a position at Coupang (the “Company”), may request the Company to return his/her hiring documents submitted pursuant to the Fair Hiring Procedure Act. However, this will not apply where the hiring documents were submitted via the website of the Company or e-mail, or where the job applicant submitted those documents voluntarily without a request from the Company. In addition, if the hiring documents were destroyed due to a natural disaster or any other reasons not attributable to the Company, such documents will be deemed to have been returned to the job applicant. * A job applicant who wishes to request the return of his/her hiring documents pursuant to the main sentence of paragraph 2 above should fill out a “Request for Return of Hiring Documents” [Annex Form No. 3 in the Enforcement Rule of the Fair Hiring Procedure Act] and submit the request to the Company (Coupang Recruiting Team, Tower 730, 570 Songpa-daero, Songpa-gu, Seoul). In such case, within fourteen (14) days from the date of identifying the receipt of the request, the Company will send the hiring documents to the job applicant’s designated address via registered mail. Please be informed that the job applicant is required to pay the postage on the registered mail. * In preparation for a job applicant’s request for the return of hiring documents pursuant to the main sentence of paragraph 2 above, the Company shall retain the original hiring documents submitted by the job applicant for 180 days from the completion of the recruiting process. If no request is made until the end of this period, all of his/her hiring documents will be destroyed immediately in accordance with the Personal Information Protection Act.
ABOUT FREETRADE Freetrade’s mission is to become the default place to invest. Investing has been too complicated and expensive for too long, keeping millions from making the most of their savings. We’re changing that. We’re building our team and looking for people who are excited to reshape how our customers invest and grow their wealth. If you’re driven by solving complex problems and building innovative products, you’ll fit right in. 2026 is a big year for us. Last year, we announced a game changing deal to become part of the IG Group. We’ll continue to operate as an independent business while gaining access to the resources and support of an established leader in the space. This year, we’re accelerating our roadmap and taking our products to the next level. We’re building new features like mutual funds, bonds, and family investment tools. We’re also exploring how we can leverage AI to deliver an even better experience for our customers. ABOUT THE ROLE We are searching for a Director of Security & Privacy to define the frontier of trust for our next era of hyper-growth. As a vital member of the IG Group family, you will protect a platform that serves millions of users and safeguards billions in assets under administration. This is a high-stakes senior leadership mandate to serve as the ultimate authority for our security and privacy strategy, with a pioneering focus on architecting the governance of AI. You will orchestrate high-impact, cross-functional synergy with Risk, People, and Legal to cement a sophisticated security posture and a world-class privacy-by-design culture, ensuring our rapid expansion remains resilient and risk-aware on a global scale. WHAT YOU'LL DO Leadership * Set strategy and long-term vision across security, privacy, and IT * Report to and advise senior leadership on risk, security, and privacy posture * Represent security and privacy in company decisions, influencing direction on risk * Build cross-functional relationships with Risk, People, Legal, and other departments * Foster strategic partnerships with IG Group security leadership to drive global consistency * Drive and govern the secure adoption of AI, ensuring alignment with GDPR and FCA regulatory expectations * Grow the team and hire new talented team members Security * Own the application security and cloud security programs, embedding security across the SDLC (shift-left) * Lead Incident Detection & Response, ensuring 24/7 monitoring and alerting coverage * Oversee corporate security and DLP controls to manage insider threat * Manage relationships with auditors and support audits regularly * Govern secure adoption of AI, including native integrations and MCP * Drive a culture of security awareness and embedding security by design principles across Freetrade Privacy * Ensure UK/EU GDPR compliance as the company scales * Act as first line of defense on GDPR across vendor review, onboarding, and engineering/data changes * Report regularly to senior leadership on privacy posture * Handle DSRs from users and employees, and liaise with regulators when required * Govern privacy-by-design adoption of AI IT * Own corporate IT and workplace technology across London and Budapest * Ensure secure site and remote connectivity (network, VPN/ZTNA) across both office sites * Ensure smooth management for the full employee technology lifecycle: onboarding, offboarding, and role changes, including hardware provisioning and access provisioning/deprovisioning * Own identity and access management: SSO, directory services, access reviews, and joiner-mover-leaver processes * Own corporate infrastructure, hardware fleet, and software tooling (procurement, licensing, lifecycle management) ABOUT YOU * 10+ years in the tech industry * 5+ years in a security leadership role influencing organizational direction * 5+ years of people management experience, managing a team of similar size * Solid understanding of GDPR core principles and expectations * Experience managing multiple functions or a diverse remit is a plus * Fintech or regulated industry experience is a plus * IT/workplace tech experience is a plus OUR HYBRID MODEL We work from our central London and Budapest offices on Monday, Tuesday, and Thursday, leaving Wednesday and Friday for dedicated focus time at home. We believe in the power of in-person collaboration to build a strong culture, but we know "life happens." If you have caregiving or personal responsibilities that require extra flexibility, let’s talk about it. We are an Equal Opportunity employer committed to a diverse and representative team. Whatever your race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability - we want to hear from you. To find out more about how we look after your personal data when you apply for a job with us, please see our Recruitment Privacy Policy here. Please note we are not accepting agency CVs.
Raisin is the world’s leading platform for savings and investment products. Founded in 2012, the FinTech connects consumers with banks in the EU, the UK and the US. This gives consumers better interest rates and banks a diversified form of refinancing. Our vision is to offer savings and investments without barriers and thus open up the global 160 trillion euro market. Raisin currently employs more than 800 people from over 75 countries worldwide. Today, the platform holds over 80 billion euros in assets from more than one million investors which have accrued over 5 billion euros in returns. Team For this challenging and highly impactful role, we are seeking a dedicated, highly communicative IT Security Manager with vision and drive. In this position, you will lead and develop Raisin's internal security teams. You will act as a critical internal sparring partner (for Business, IT, and the 2nd Line of Defense) and take the absolute lead in coordinating our technical security implementation. As a versatile leader with a comprehensive overview of our security posture, you will ensure that our internal operations are resilient, compliant with regulations like DORA, and seamlessly executed by your teams. Your Responsibilities * Team Leadership & Internal Execution: Take ownership of our internal security operations. You will lead, mentor, and steer our internal security experts in a results-oriented manner, ensuring the continuity and excellence of daily security operations. * Internal Coordination & Sparring: Act as the central, consultative liaison across the company. You will lead cross-departmental coordination of security topics, define clear security requirements for our Infrastructure and engineering teams, and develop pragmatic, scalable solutions. * 1st Line Security Operations: Oversee the technical execution performed by your teams. Your duties will include actively participating in incident analysis, threat mitigation, and ensuring robust monitoring is in place. * 2nd Line Liaison & DORA Alignment: Serve as the central point of contact for the "2nd Line of Defense" (CISO). Ensure that our operational reality and technical controls align with overarching IT Governance, risk frameworks, and regulatory requirements like the Digital Operational Resilience Act (DORA). * Project Management: Drive and contribute to broader projects. If you enjoy organizing and structuring security-related agendas across the IT landscape, there is plenty of impactful work to be done! * Cloud Security Oversight: Leverage your deep understanding of AWS Cloud Infrastructure and the AWS Shared Responsibility Model to guide your teams in maintaining a secure, robust, and compliant cloud environment. * Strategic Vendor Management: Pragmatically manage relationships with third-party security vendors (e.g., security tooling, external testing, specialized services). You will steer these partnerships to ensure strict SLA adherence, cost-effectiveness, and a strong Return on Investment (ROI) for our security stack. Your Profile * Extensive Professional Experience: 10+ years of overall experience within the Cybersecurity or Information Security space, combined with at least 3+ years of proven experience working directly as an IT Security Manager or in a similar leadership capacity. * Broad Cybersecurity Background: The world of security is vast, and your holistic expertise counts. You have broad experience across domains such as IT Governance/GRC, ISMS, ISO 27001, BCM, NIS 2, DORA, Vulnerability Management, SOC/SIEM, IAM/PAM, Penetration Testing, Network Security, or DevSecOps. * Generalist Leadership Mindset: A comprehensive overview and a fundamental understanding of security technologies, industry standards, and their potential business impact are highly valued. You know how to guide specialists without getting lost in the weeds of individual security tools. * Team Management Experience: Proven track record in leading, structuring, and motivating internal technical teams in a fast-paced, mission-critical IT environment. * Technical Acumen: Really good understanding and practical working knowledge of AWS Cloud Infrastructure, including a firm grasp of the cloud Shared Responsibility Model and how to implement it effectively. * Framework Knowledge: Basic knowledge of IT Service Management (ITSM, ITIL) and a solid technical understanding of the security domain are prerequisites. * Work Style & Traits: You possess a strong sense of responsibility, flexibility, and an eagerness to engage with new topics. You are distinguished by a commitment to collaborative teamwork, a respectful and supportive interpersonal style, and a work approach that is solution-oriented, analytical, structured, and reliable. * Language & Communication: Excellent proficiency in spoken and written English alongside fluent German is a plus. Join our mission, join our team – and grow with us! At Raisin, we care about each other and it is one of our top priorities to foster an open and caring environment in which everyone feels welcome and comfortable. Our culture is strongly driven by our ambitious team, which connects more than 75 different nationalities. As part of out team, you will benefit from: * Employee Development Budget of €2,000 and four full training days per year. * Flexible working hours, home office and 30 vacation days. * A company pension scheme (Betriebliche Altersvorsorge), which we support with 20%. * Enjoy more than 50+ different sports with Urban Sports Club: We subsidize your membership with more than €20 per month. * Do you miss being in the office? The Deutschland Ticket gets you there, which we subsidize with €25 per month. * Love cycling? With JobRad, lease the bike of your choice and enjoy tax savings, plus Raisin covers your monthly insurance costs. * Hungry all the time? Snacks, daily fresh fruit as well as drinks provided at the office. * You are moving from another country or city to join us? We may support your relocation. Raisin Applicant Privacy Policy We value diversity and the unique experiences each individual brings. If you’re excited about this role but don’t meet every requirement, we still encourage you to apply. We are an equal opportunity employer and are committed to creating an inclusive environment for everyone, regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or gender identity.