Senior Cybersecurity Risk Manager (f / m / d)

The Group Security department directly contributes to execution of the Deutsche Börse Group cybersecurity strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets in terms of safety, integrity, confidentiality, authenticity and availability by enforcing information security controls based on the relevant regulatory requirements and the international standards like ISO 2700x-series on the Information Security Management System.

Area of work :

In your new position, you will have a unique opportunity to be part of an expanding department at the heart of a dynamic global business.The Information Security Risk Management team is responsible for enforcing the Information Security Framework in close collaboration with CISO and other central functions such as Group Risk, Compliance Management and Data Privacy.

In this role, you will be focused on Cyber Risk Management, our core competence, consulting our business partners and management on IT Security Risk Management matters. Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions compliant with the regulatory requirements and following the best industry practices. Your strong interpersonal skills with ability to build trust with business and technology stakeholders at all levels will be the driving force behind your work in our friendly, co-operative and supportive environment.

Your responsibilities :

• You consult the departments and management on Cybersecurity Risk Management matters.
• You manage and lead the Information Risk Management service delivery.
• You consult Business Owners on the Cybersecurity Risk Assessments, assuring proper risk identification and assessment in accordance with the Information Security Framework, and monitoring the risk remediation.
• You contribute to strategic Cyber Security projects like Cloud Security.
• You develop and maintain the Information Risk Management methodology - process - tooling to meet the business strategy, regulatory requirements and the industry best practices.
• You maintain trusted relationships with our business stakeholders, e.g. Risk Owner(s), Chief Information Security Officer, Compliance Officer(s), Technical Information Security Officer(s), and Internal / External Audit.

Your profile :

• Master’s degree in Information Technology, Cybersecurity, Business Informatics or comparable education.
• 5+ years of experience in IT risk management, Cybersecurity, GRC, IT Audit or similar.
• Certifications like CISM, CRISC, CISA, ITIL, PMP or similar is an advantage.
• Knowledge of general legal and regulatory frameworks in the financial industry, for example DORA, NIS2, and industry standards like ISO / IEC 2700x or NIST.
• Strong analytical skills, critical thinking, ability to identify problems and propose solutions.
• Autonomous and resilient, with strong planning and organization skills.
• Exceptional communication and stakeholder management skills, both verbal and written in English.

We are committed to providing a work environment where everyone feels welcome and can reach their full potential. Our standards go far beyond simply matching candidates with the right position.

Mobility

We enable you to move freely with our job tickets, job (e-)bikes and free parking opportunities.

Work environment

Collaboration, communication, or deep focus – in our modern office buildings you will find the perfect work environment. Free drinks and food and meal allowances included.

Health and wellbeing

We care for your health and wellbeing and besides various health promotion measures we offer you a group accident insurance and additional insurance offers at discounted rates.

We provide financial stability by offering attractive salaries, company pension schemes, participation in our Group Share Plan, as well as bonuses, subsidies and discounts.

Collaborate and exchange on-site or work remotely several days a week in line with business needs and local regulations. Our hybrid working model combines the best of both worlds.

We want your job to fit your life situation and offer flexible working time models, childcare allowance, or the possibility to study alongside your job.

Internationality

Our market infrastructures are globally connected. Working with us means collaborating with like-minded colleagues across over 60 locations from more than 100 nations.

Development

We promote individual development by offering internal development programmes, mentoring, further education and training budgets.