Join our international team that drives positive change, united by a spirit of openness and curiosity. We empower you to have an impact and to grow – personally and professionally. With us, you work at the heart of financial systems and evolve the way markets operate. We're excited about the future because we are the ones shaping it. Let ́s do this together by sharing value! Tracing its origins to 1585, Deutsche Börse Group has become one of the world's leading exchange organisations and an innovative market infrastructure provider. In this role, we provide investors, financial institutions and companies access to global capital markets.
Your area of work:
The ICT Risk Strategy & Methodology unit as part of the Deutsche Börse Group (DBG)'s ICT risk second line of defense, is responsible for the development, maintenance and continuous improvement of the digital operational resilience strategy, the ICT risk management methodology, the threat landscape and the shaping and promotion of a security culture within Deutsche Börse Group. Further, we act as independent challengers & advisors to large scale transformation and security programs within the group.
As a Senior Specialist you will significantly contribute to Deutsche Börse Group strategic ambitions of operating a threat-based ICT risk management and thereby contribute to strengthening our resilience against increasing threats such as cyber attacks.
* Develop maintain and enhance the ICT risk management framework, ensuring alignment with enterprise risk management
* Design a comprehensive risk management methodology that encompasses the entire risk management lifecycle, utilizing established best practice frameworks
* Evaluate and enhance commonly used risk management concepts in the area of ICT risk, e.g. definition of risk appetite, risk taxonomy, scoring of risks, reporting on risks
* Develop risk scenarios for IT and information security risks
* Identify and assess emerging threats, as well as contribute to the development and refinement of the threat landscape
* Develop, monitor and report risk metrics and performance indicators to track the progress of strategical objectives and potential new risks
* Engage in the refinement of ICT risk models, supporting integration into enterprise -wide risk management
* Support and oversee the implementation of DORA requirements for DBAG
* Act as an SME on ICT risk and digital resilience matters in regulatory discussions and audits
* Provide advisory and training sessions on risk management methodologies and digital resilience
* You have completed your university degree in a field related to information security, IT, risk management, business informatics or related fields
* You have proven work experience (at least 5-10 years) in the area of IS risk management, IT risk management, non-financial risk management, information security, or comparable functions
* You are familiar with cyber risk quantification approaches (quantitative and qualitative) and scenario-based analysis
* You are experienced in working with regulatory frameworks and risk management methodologies and standards (e.g. DORA, ISO27005, ISO 31010 or NIST, FAIR, ISACA/COBIT)
* You own strong analytical, social and methodological skills and are eager to develop these further
* A result-oriented working method in a team is self-evident for you
* Strong analytical, problem-solving, and communication skills to challenge and advise stakeholders
* Ability to collaborate across multiple teams in a multicultural environment
* Certifications such as CRISC, CISM, CISSP, or similar are highly preferred
* Proficiency in written and spoken English; German language skills will be a strong benefit
We are committed to providing a work environment where everyone feels welcome and can reach their full potential. Our standards go far beyond simply matching candidates with the right position.
Mobility
We enable you to move freely with our job tickets, job (e-)bikes and free parking opportunities.
Work environment
Collaboration, communication, or deep focus – in our modern office buildings you will find the perfect work environment. Free drinks and food and meal allowances included.
Health and wellbeing
We care for your health and wellbeing and besides various health promotion measures we offer you a group accident insurance and additional insurance offers at discounted rates.
Financial stability
We provide financial stability by offering attractive salaries, company pension schemes, participation in our Group Share Plan, as well as bonuses, subsidies and discounts.
Hybrid work
Collaborate and exchange on-site or work remotely several days a week in line with business needs and local regulations. Our hybrid working model combines the best of both worlds.
Flexible working hours
We want your job to fit your life situation and offer flexible working time models, childcare allowance, or the possibility to study alongside your job.
Internationality
Our market infrastructures are globally connected. Working with us means collaborating with like-minded colleagues across over 60 locations from more than 100 nations.
Development
We promote individual development by offering internal development programmes, mentoring, further education and training budgets.