Join to apply for the INFORMATION SECURITY MANAGER (f/m/d) role at 360T
4 days ago Be among the first 25 applicants
Your Role
As Information Security Manager and part of the Security & Privacy Governance team, you will steer our ISO27001:2022 certified information‑security‑management system (ISMS), drive compliance with the EU Digital Operational Resilience Act (DORA), and align our controls to international regulations such as the CFTC System Safeguards Requirements and Singapore’s MAS Technology Risk Management (TRM) Guidelines.
Your Responsibilities
* Governance & ICT Risk
o ISMS Ownership: Maintain and enhance our ISO 27001:2022 ISMS and policy framework.
o DORA Alignment: Implement the act’s requirements on ICT-risk governance, incident reporting and third-party oversight ahead of the 17 Jan 2025 go-live.
o Global Regulatory Mapping: Ensure our control set also meets CFTC System Safeguards for automated trading systems and MAS TRM principles on governance, access control and cloud security.
o ICT-Risk Assessments: Conduct risk analyses in line with regulations, best practices, Three-Lines-of-Defence model, and report residual risk to senior management.
* Engineering & Operations (First-Line Enablement)
o Security-by-Design Reviews: Advise product teams on secure architecture, zero-trust networking, and segregation of duties.
o Control Lifecycle: Define, monitor, and improve technical controls (vulnerability management, hardening baselines, privileged access) with Development, Infrastructure, and SRE teams.
o Tooling Strategy: Manage and optimise threat intelligence, security events, intrusion detection, deception platforms, ensuring coverage, effectiveness, and automation.
* Detection & Response
o Incident Response: Manage the NIST-aligned lifecycle and meet multi-jurisdiction requirements and timelines.
o Assess & Improve: Use threat intelligence and vulnerability reports to assess landscape changes and improve processes.
o Table-Top & Purple-Team Drills: Coordinate exercises to validate controls and promote continuous improvement.
* People & Culture
o Awareness & Training: Deliver engaging security-awareness sessions for staff.
o Client & Audit Liaison: Assist with RFPs, audits, and due-diligence requests.
Your Profile
* University degree in computer science or related field
* 5+ years in IT security; certifications like CISSP, CRISC, CISM, ISO27001 Lead are a plus
* Experience with security certifications (ISO27001, SOC, ISAE3402) and compliance standards
* Proven ability to develop security policies and manage security issues
* Strong analytical and communication skills
* Ability to work independently and responsibly
* Proficiency in English (C1+) required; German (B2+) desirable
Our Offer
* Clear career development path
* Regular performance reviews
* Opportunities to switch teams based on interests
* 360T Academy training
* Location: Frankfurt city center
* Social events
We offer an outstanding opportunity for a motivated individual to join a successful financial technology company. The position is based in Frankfurt am Main and available immediately.
How To Apply
If your profile matches, please submit your application with salary expectations and earliest start date by clicking the “Apply” button.
Contact
Irune Del Buey
People & Culture Manager
Send email
Grüneburgweg 16-18
60322 Frankfurt am Main
About Us
360T is a regulated FX marketplace, part of Deutsche Börse Group, offering trading solutions globally. Established in 2000, it has expanded to include crypto NDFs and commodities, serving over 2,900 clients worldwide. Headquartered in Frankfurt, it maintains subsidiaries across major financial hubs.
#J-18808-Ljbffr