Information Security Risk Officer (f/m/d)
Updated: 29 Oct 2020
Supply Chain / Logistics
Location:Frankfurt, DE Group Company:Deutsche Börse AG Information Security Risk Officer (f/m/d) Full-time | Unlimited Tracing its origins to 1585, Deutsche Börse Group has become one of the world’s leading exchange organisations and an innovative market infrastructure provider. In this role, we provide investors, financial institutions and companies access to global capital markets. By creating trust in the markets of today and tomorrow we foster growth and contribute to the prosperity of future generations. Deutsche Börse Group is an international company, headquartered in Frankfurt/Main, Germany. With more than 6,700 employees, the company has a strong global presence for its customers all over the world, including Luxembourg, Prague, Chicago, London, Cork, New York and many other locations. What’s your part in all this? With your commitment you contribute to the success of our unique business model: offering a wide range of products, services and technologies, covering the entire value chain of global financial markets.Field of activity In your new position, you will become a member of the Information Security vernance & Risk team, part of Group Security in Frankfurt am Main. The Information Security vernance & Risk team is responsible for the enforcement of the Information Security Framework in close collaboration with CISO and other central functions like Group Risk, Compliance Management, Outsourcing and Data Privacy, and is responsible for the management reporting and the awareness campaigns at the Deutsche Börse Group as well. In the advertised position you will be focused on the Information Risk Management, our core competence, consulting our business partners and management on Information Security Risk Management matters. Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions following the regulatory requirements and the best industry practices. Your strong interpersonal skills with the ability to communicate clearly and effectively with business and technology stakeholders at all levels will be the driving force behind your work.
- You consult the departments and management on Information Risk Management matters.
- You conduct Information Security Risk Assessments, assuring proper risk identification in accordance to the Information Security Framework, and tracking/reporting on remediations.
- You contribute to implementing the Information Security Framework, e.g. operationalization of the Information Security Risk Management, process automation and tooling.
- You participate in Information Security Audits, incl. preparing for audits, resolving audit findings and ensuring closure.
- You establish trusted relationships with our business stakeholders, e.g. Compliance Officers, Risk Officers, Chief/Business Information Security Officers and Internal/External Audit.
- You report, escalate and provide solutions for Cyber Security issues.
- You maintain up-to-date kledge of the Information Security industry, including awareness of innovative information security solutions/processes, emerging standards and new threat vectors.
- Bachelor's and/or Master’s degree in Information Technology, Cybersecurity, Business Informatics or comparable education
- 3+ years of experience in Cybersecurity
- Kledge of general legal and regulatory frameworks in the financial industry, for example MaRisk, BAIT, German BSI IT-Grundschutz and industry standards like ISO/IEC 2700x or NIST
- Certifications like ISO/IEC 27001 Lead Implementer/Auditor, CRISC, CISA or similar is an advantage
- Strong analytical skills, critical thinking, ability to identify problems and propose solutions
- Excellent presentation and interpersonal skills
- Proficiency in written and spoken English, German is an asset