Join to apply for the INFORMATION SECURITY MANAGER (f/m/d) role at 360T1 day ago Be among the first 25 applicantsJoin to apply for the INFORMATION SECURITY MANAGER (f/m/d) role at 360TAs Information Security Manager and part of the Security & Privacy Governance team, you will steer our ISO 27001:2022 certified information‑security‑management system (ISMS), drive compliance with the EU Digital Operational Resilience Act (DORA), and align our controls to international regulations such as the CFTC System Safeguards Requirements and Singapore’s MAS Technology Risk Management (TRM) Guidelines.Your ResponsibilitiesGovernance & ICT RiskISMS Ownership: Maintain and enhance our ISO 27001:2022 ISMS and policy framework.DORA Alignment: Implement the act’s requirements on ICT-risk governance, incident reporting and third-party oversight ahead of the 17 Jan 2025 go-live. Global Regulatory Mapping — ensure our control set also meets CFTC System Safeguards for automated trading systems and MAS TRM principles on governance, access control and cloud security. ICT-Risk Assessments: Run risk analyses in line with regulations, best practices, Three-Lines-of-Defence model, reporting residual risk to senior management.Engineering & Operations (First-Line Enablement)Security-by-Design Reviews: Advise product teams on secure architecture, zero-trust networking and segregation of duties.Control Lifecycle: Define, monitor and improve technical controls (vulnerability management, hardening baselines, privileged access) together with Development, Infrastructure, and SRE teams.Tooling Strategy: Manage, use, and optimise our threat intelligence, security events, intrusion detection, deception, and similar platforms. Ensure coverage, effectiveness, efficiency and automation.Detection & ResponseIncident Response: Manage the NIST-aligned lifecycle (prepare, detect, contain, eradicate, recover, lessons learned) and meet the multi-jurisdiction requirements and timelines set by our regulators and expected by our clients.Assess & Improve: Use threat intelligence, vulnerability reports, and similar news sources to assess changes in landscape, threats, and best practices, and provide thoughtful, innovative, and practical guidance to improve our processes and systems.Table-Top & Purple-Team Drills: Coordinate regular exercises to validate controls and drive continuous improvement.People & CultureAwareness & Training: Deliver engaging security-awareness sessions and micro-learnings for developers, sales and operations staff.Client & Audit Liaison: Help answer RFPs, coordinate ISO/DORA and other audits, and support due-diligence requests from counterparties worldwide.Your ProfileUniversity degree in computer science or a comparable education5+ years of experience in the IT security domain. Certifications are a plus (CISSP, CRISC, CISM, ISO27001 Lead Implementer or Auditor)Working knowledge in implementing and maintaining security certifications (ISAE3402, SOC1, SOC2, ISO2700x) and maintaining compliance to national and international security, data protection, and privacy standards, laws and regulationsExperience in the development of practical security processes, policies and standards. Ability to work with multiple, sometime conflicting goals and prioritiesExperience in the management of information security issues and incidentsExcellent analytical and conceptual thinking, able to understand, structure and prepare/explain complex topics on the appropriate level, depending on context and recipientTrack record of taking responsibility, working independently and without much supervisionHighly motivated to learn about new topics, technologies, and business casesHighly proficient in spoken and written English (CEF C1 or above) is mandatory. Very good command of German language (CEF B2 or above) is desirableOur OfferRegular performance appraisals and close interaction with all business and IT functions, plus direct access to the Group DPO and CISOGrowth, development, and learning opportunities, including our internal „360T Academy“Office located directly in the Frankfurt am Main city centerMulticultural teams, social events and an environment that values innovation, excellence, teamwork, and humourAn outstanding opportunity to shape privacy in a fast-moving financial-technology firmWe offer an outstanding opportunity for a highly motivated individual to participate in the growth of a successful technology company in the financial sector. The position is based in Frankfurt am Main and vacant immediately.How To ApplyIf your background and qualifications meet these specifications, please forward your application including your salary expectation and earliest starting date by clicking the “Apply” button.About Us360T is a regulated, global marketplace for Foreign Exchange (FX). As Deutsche Börse Group’s powerhouse for FX, 360T provides a broad range of trading solutions and related services to both buy-side and sell-side firms.Since its inception in 2000, the company has developed and maintained a state-of-the-art multi-bank portal for foreign exchange, cash and money market products. It has recently expanded its instrument offering to include crypto NDFs and commodities (base metals and energy).With over 2,900 buy-side customers and more than 200 liquidity providers across 75 different countries, 360T is uniquely positioned to connect the global FX industry.Headquartered in Frankfurt am Main, Germany, 360T maintains subsidiaries in New York (360 Trading Networks Inc), London (360 Trading Networks UK Ltd), Singapore (360T Asia Pacific Pte. Ltd.), Mumbai (ThreeSixty Trading Networks (India) Pvt Ltd), Kuala Lumpur (360 Trading Networks Sdn Bhd) and Dubai (360 Trading Networks (DIFC) Limited).Seniority levelSeniority levelAssociateEmployment typeEmployment typeFull-timeJob functionJob functionInformation TechnologyIndustriesTechnology, Information and MediaReferrals increase your chances of interviewing at 360T by 2xSign in to set job alerts for “Information Security Manager” roles.Frankfurt am Main, Hesse, Germany 11 months agoSales & Business Development Manager - Automotive, Future Mobility & Connected Devices(Junior) Information Security Manager (m/w/d)Senior Manager Security Audit & Risk Management (all genders welcome)Principal Consultant - Cyber Security Consulting & Advisory (m/f/d)Cyber Strategy & Architecture Manager (m/w/d)We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr