Field of Activities The central Information Security 2nd Line of Defence team is embedded in the Chief Risk Officer area of Deutsche Börse Group. The function provides effective independent oversight to and monitoring of information technology and information security. Tasks/responsibilities Support the maintenance, further development and continual improvement of the Group’s information security assurance framework and processes to ensure their ongoing effectiveness Conduct Group-wide assessment and monitoring activities to ensure that regulatory requirements and the rule set for information security management are implemented effectively Provide challenge to the 1st line of defence functions, e.g. lines of business, IT and IT Security Assist in complying with monitoring and reporting obligations of information security status and risks to executive and supervisory boards and/or relevant committees incl. results of assurance reviews Provide oversight for issue remediation Guide counterparts in Deutsche Börse Group entities in implementing, supporting and executing the information security assurance framework and processes Qualifications/required skills University or similar degree in a relevant field Several years of experience and proven track record in an information security management role (advising, consulting, creating, auditing or implementing Information Security Management Systems and frameworks) In-depth knowledge of relevant regulations (BAIT, MaRisk, CSSF circulars, etc) and good understanding of industry frameworks and standards (ISO 2700x, ITIL, ISF SoGP, COBIT, etc.) Very good understanding of assessment and auditing practices Strong technical background and practical knowledge in relevant IT Security solutions Strong analytical skills, creativity, critical thinking, precision in communicating and documenting, ability to identify problems and propose solutions, reliability High Proficiency in Englisch and German (equivalent to CEFR C1 or higher)