Field of Activity
The Information Security department as a service provider for DBG’s product organization and the Second Line of Defense of Deutsche Börse Group is responsible to protect information assets in terms of safety, integrity, confidentiality, authenticity and availability.
Information Security risk management tasks and procedures are based on the requirements published as the ISO 27000-standard-
series (information security management systems).
Tasks / Responsibilities
Develop strategies and new services to proactively support the company strategy and strengthen the leadership role as one of the world’s biggest exchange organization
Work with business and IT projects to develop information security requirements and concepts and coordinate the tracking of deliverables with other areas of information security and product organization
Participation in projects and ensuring that all security risks in these projects are identified, evaluated and that recommended security controls are implemented
Understand current as well as emerging security threats and design information security architecture to address key security issues in a forward looking manner
Recommend security measures to address cyber threats identified, e.g. defining SIEM use-cases
Continuous development and improvement of the group-wide identity provider as central policy decision point
Establish the identity provider as flexible and first choice component for authentication / authorization within the DevOps tool chain
Develop architectures and processes to enable fast and secure integration of API based micro services
Stay abreast of new information security technologies and integrate into information security architecture design when appropriate
Strengthening of the second line of defence function of Group Security
Qualifications / required skills
University degree (master or diploma) in IT or business administration; IT affinity is recommended
Experience in process orientation; knowledge of methods and procedures in the information security sector
Excellent analytical skills and experience to understand, structure and prepare / explain complex topics
Team orientation and strong communication skills
Very good IT skills
Knowledge of general legal and regulatory conditions and requirements in the financial industry, for example ISO 2700x, German BSI IT-
Grundschutz, NIST, COBIT
Proficiency in written and spoken English, preferable at least basic knowledge of German
Dedication, team and communication skills, flexibility as well as competent handling of MS Office applications round out your profile.
There are numerous good reasons to work for us : responsibility at an early stage, attractive social benefits, an international working environment and a broad variety of career opportunities.
Applications from disabled persons are welcome.