Area of work:
The Group Security department directly contributes to execution of the Deutsche Börse Group information security strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets, incl. suppliers, in terms of safety, integrity, confidentiality, authenticity and availability by enforcing information security controls based on the relevant regulatory requirements and follows the international standard ISO/IEC 27000-series on the Information Security Management System.
Your responsibilities:
The key responsibilities involve providing IT security expertise to support the business as follows:
* Manage the delivery of security services, ensuring they meet agreed-upon SLAs and KPIs.
* Develop and maintain strong relationships with key stakeholders across the business.
* Identify and manage security risks related to service delivery.
* Contribute to the development and implementation of security procedures and other security documentation.
* Must have experience to manage medium to large security projects out of BAU.
* Manage security incidents and participate in incident response activities.
* Participate in budget and resources allocated to security services.
* Negotiate contracts and agreements with security service providers.
* Provide security consulting to Products and technical support groups.
Your profile:
* Bachelor’s degree in computer science, Information Security, or a related field.
* Proven 5 to 7 years of experience in a similar role, preferably within the financial services industry. Knowledge of Vulnerability Scanning technologies – CNAPP, RAPID7 etc.
* Strong understanding of security concepts, principles, and best practices.
* Experience managing security service providers and SLAs.
* Ability to meet challenging project deadlines with high quality results.
* Attention to detail for picking the right solution while keeping in mind the business constraints.
* Excellent communication, interpersonal, and stakeholder management skills in English (German is a plus).
* Team player, who is used to work in international environment, ability to work in a dynamic and agile team independently.
* Familiarity with relevant regulations such as GDPR, DORA, NIST, and ISO 27001.
* Industry certifications such as PMP, CISSP, CISM, or CCSP are highly desirable.
* Experience with ITIL framework is advantageous.