Outsourcing Business Owner (f/m/d)

At Upvest, we are on a mission to make investing as easy as spending money. Upvest empowers businesses to offer a wide range of investment products and the best experience in the field of capital market investment and retirement planning. Upvest’s Investment API is easy to integrate so that fintechs and financial institutions can save resources and fully focus on their core business.

We are proud to partner with Europe’s leading Fintechs and financial institutions such as DKB, Revolut, N26 and Raisin. Founded in 2017 by Martin Kassing, Upvest now brings together over 270 talented professionals from more than 70 nationalities. Upvest is backed by €280M in total funding from world-class investors, including BlackRock, Tencent, Sapphire Ventures, and Bessemer Venture Partners, Earlybird, Notion Capital, and Motive. Our latest €105M funding round in March 2026 - led by Sapphire and Tencent - serves as a massive catalyst for our growth, allowing us to offer premier investment experience.

Our Client Impact team sits at the heart of that mission. We own the full journey from contract signature to a live, healthy investment product for every client — and we keep it running.

As Outsourcing Business Owner, you are the first line of defense for all outsourcing and critical ICT relationships within Client Impact. You own and manage the full lifecycle of outsourced services — from pre-contractual due diligence through active governance to annual compliance reviews — in accordance with EBA/GL/2019/02 guidelines, MaRisk (AT 9), and DORA.

Today, the Client Impact portfolio spans outsourcing relationships with TOL (Take our Licence) clients, covering e.g. Customer Support, Document Management, Complaint Management, and AML services. You will also be the person who sets up, monitors, and owns every outsourcing relationship with our new clients.

This is a high-ownership role that sits at the intersection of regulatory compliance, operational excellence, and client relationship management. You will work closely with the 2nd line (Outsourcing/GRC/Compliance) and 3rd line (Internal Audit) functions, while being fully accountable for the performance and resilience of outsourced services end-to-end.

Pre-Contractual Phase

• Lead contract review and negotiation to ensure alignment with regulatory requirements and operational needs before signature.

• Conduct structured due diligence: gather all required documentation on providers’ financial health, security posture, and compliance certifications.

• Perform risk assessments identifying operational, legal, and security threats associated with each outsourcing partner.

• Define and set up mandatory KPIs, thresholds, and monitoring mechanisms as a condition of onboarding.

• Develop clear, actionable Exit Strategies for each provider, ensuring business continuity and data portability in case of contract termination or provider failure.

Ongoing Governance

• Monitor KPIs and SLAs on a regular basis to ensure outsourced services meet performance standards.

• Maintain regular communication with providers to address operational issues early and proactively.

• Report on outsourcing performance to Central Outsourcing Management on a quarterly and annual basis.

• Ensure continued documentation of meetings and monitoring activities to maintain a complete audit trail.

Event-Driven Obligations

• Incident reporting: formally report incidents, track action plans to closure, and ensure root cause analysis is performed and remediated.

• Subcontractor management: immediately assess and report new subcontractors or significant supply chain changes, evaluating the impact on risk and compliance.

• Change management: evaluate the impact of any provider-initiated changes to systems or service scopes.

• Action tracking: continuously monitor all open issues and action items derived from incidents until full closure.

Annual Reviews

• Annually validate and update Exit Strategies based on technological changes or market shifts.

• Lead comprehensive annual risk reviews of all outsourcing relationships, and trigger ad-hoc reviews in response to major incidents, provider structural changes, or regulatory updates.

• 3+ years of experience in outsourcing management, third-party risk, compliance, or a closely related operational role — ideally within a regulated financial institution or fintech.

• Solid working knowledge of EBA outsourcing guidelines, MaRisk AT 9, and/or DORA; hands-on experience applying these in practice.

• Strong project management skills: you can run multiple governance tracks in parallel without dropping the ball.

• Analytical mindset: you are comfortable with risk assessments, KPI analysis, and translating regulatory obligations into operational processes.

• Excellent written and verbal communication in English (German is a plus); you can document clearly for both internal stakeholders and external auditors.

• High ownership mentality: you don’t wait to be asked. You identify gaps, raise them, and fix them.

• Comfortable working across a 3-lines-of-defense model and collaborating with GRC, Legal, Compliance, and Internal Audit.

• Experience with investment or brokerage services, BaaS/IaaS platforms, or other white-label financial products.

• Familiarity with ICT risk management and critical third-party provider (CTPP) classification under DORA.

• Experience working in a scale-up or hypergrowth environment where processes are still being built.

• Impact-driven work: We’re building the infrastructure that will power the future of investing in Europe. It’s complex, ambitious, and meaningful. You’ll work with modern technologies and create something entirely new. No legacy systems, no limits.

• Wellbeing: Recharge with 30 days of annual leave and maintain a healthy lifestyle with sports benefits. Access confidential professional coaching and enjoy the flexibility to work remotely abroad for up to 183 days a year. Recharge with UpRest, a one-month fully paid sabbatical after every 4 years of working at Upvest.

• Development: Growth is in our DNA. Each Upvenger has access to a personal development budget and the freedom to decide how to use it.

• Flexible work environment: Work from any of our hubs in Berlin, London or Tallinn hybrid or remotely across Europe, depending on the role. We give you the choice and budget to work where you’re most comfortable and productive, either at home or in the office. You choose.

• Compensation and equity: We believe that all Upvengers contribute to our success and deserve a competitive, above-market salary and a participation in our employee equity program.

• Team celebrations: Participate in company-wide events, such as UpFest, dinners, offsites and our Holiday party, to connect with colleagues and celebrate our achievements.

• Inclusion: We’re committed to a culture where everyone belongs and thrives. Our Employee Resources Groups foster inclusion and connection, like Upfem for our female Upvengers, or UpVergent supporting neurodivergent Upvengers and allies.

• Make it easy for others. We simplify the complex and act with the best intentions.

• Own the outcome. We are proactive, fast and confident to get the job done, valuing progress over perfection.

• Rise to the challenge. We aim high and push the boundaries. We stay curious, learn and celebrate our wins together.

• Tell the story. We start with the Why to align on purpose. We are transparent and share knowledge to empower and inspire others.

Upvest is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.