Cyber Security Manager - SOC

Shine exists to help freelancers and small business owners reclaim the joy of working for themselves.
Running a business shouldn't mean drowning in financial admin – it should be inspiring and rewarding. Our app brings banking, invoicing, accounting and admin together in one place, so entrepreneurs can focus on what matters most: growing their business and enjoying the freedom of working for themselves.

We're a multicultural team of over 400 people across France, Germany, Denmark and the Netherlands. By bringing together leading European fintechs like Shine, Kontist and Tellow, we've built a single, intuitive platform designed for simplicity, speed and accuracy ,backed by local, award, winning support.

Your hiring experience matters
Just as we respect our customers' time, we respect yours. Your experience with Shine should feel simple, transparent and genuinely supportive.
If this sounds like somewhere you want to grow, we'd love to hear from you

The Information Security team at Shine

At Shine, our Security team operates as a strategic driver rather than a support function. We work directly with leadership to integrate resilience into the company’s core, navigating the complex intersection of cloud-native architecture, AI innovation, and rigorous regulatory standards like DORA and ISO 27001. By partnering cross-functionally with Engineering and Risk, we aren’t just maintaining a perimeter; we are building a scalable, high-visibility security framework that defines the future of digital operational excellence in the fintech space.

Your Role as an Cyber Security Manager - SOC

As an Cyber Security Manager (SOC) at Shine you will shape and operate our information security and digital operational resilience framework. Reporting directly to the CISO , you will take a key role in implementing and maturing our SOC and Incident Response capabilities in close collaboration with IT, Risk, Internal Audit and Management.

• Define and own Shine’s security operations model , leveraging an external MSSP while ensuring strong internal governance, SLA management and service quality.

• Ensure alignment with regulatory and compliance requirements including DORA, ISO/IEC 27001 and BAIT.

• Lead the automation and optimisation of the SIEM platform (use cases, log onboarding, correlation rules, tuning).

• Design and continuously improve detection use cases aligned to MITRE ATT&CK and financial-sector threat scenarios.

• Define and oversee DDoS protection and resilience strategy , including detection, mitigation (e.g. CDN/WAF) and coordination with providers.

• Establish and lead incident response capability (playbooks, escalation paths, crisis coordination, post-incident reviews).

• Ensure effective security monitoring, logging and telemetry coverage across cloud, infrastructure and applications.

• Integrate threat intelligence and external data sources into detection and response workflows.

• Provide clear risk and security reporting to leadership and support audits and regulatory reviews.

Job located in Berlin or Paris office, with possibility of two remote working days per week

About you

• Degree in Computer Science, Information Security, or comparable practical experience.

• 5+ years’ experience in Cyber Security / Security Operations , ideally within a regulated financial environment.

• Strong experience with SIEM platforms and detection engineering .

• Proven track record in vendor/MSSP management and operating outsourced security models.

• Hands-on experience in incident response and crisis management .

• Experience with security automation (SOAR), scripting (Python, PowerShell) and integrations .

• Solid understanding of cloud security, logging architectures and modern attack techniques .

• Familiarity with regulatory frameworks such as DORA and ISO/IEC 27001.

• Strong stakeholder management skills with the ability to translate technical risks into business impact.

• Fluent English required; German is a strong advantage .

Equal Opportunity Employer

We follow the principle of equal treatment to consider all job applicants and do not discriminate based on their gender, sexual orientation, color, racial or ethnic origin, religion, disability, etc. as per applicable law.

Our recruitment process

1️⃣ A 30' first call with Talent Acquisition to get to know you better and share more about Shine.

2️⃣ A 60' interview with your potential lead to discuss your past experiences and the role we are offering.

3️⃣ A 30' Interview with our Chief Complience Officer to dive deeper into the technical aspects.

4️⃣ A 60' business case presentation to highlight your skills and give you a hands-on feel for the role.

5️⃣ A soft skills interview to see how we can best support your growth at Shine.