IT Risk Specialist (f/m/d)

Date: 19 Apr 2024

Location: Prague, CZ

Company: Deutsche Börse Group

 

Your area of work:

In your new position, you will become a member of the Information Security Risk Management team, part of Group Security in Prague. The Information Security Risk Management team is responsible for the enforcement of the Information Security Framework in close collaboration with CISO and other central functions like Group Risk, Compliance Management, Outsourcing and Data Privacy.

In the advertised position you will focus on Information Risk Management, our core competence, consulting our business partners and management on Information Security Risk Management matters. Besides that, you will support various Information Security related projects, ensuring robust, state-of-the-art solutions that follow regulatory requirements and industry best practices. Your strong interpersonal skills with the ability to communicate clearly and effectively with business and technology stakeholders at all levels will be the driving force behind your work.

 

Your responsibilities:

  • You consult the departments and management on Information Risk Management matters.
  • You conduct Information Security Risk Assessments, assuring proper risk identification in accordance with the Information Security Framework, and tracking/reporting on remediations.
  • You contribute to implementing the Information Security Framework and participate in Information Security Audits.
  • You establish trusted relationships with our business stakeholders, e.g. Chief Information Security Officers.
  • You report, escalate and provide solutions for Cyber Security issues.
  • You maintain up-to-date knowledge of the Information Security industry, including awareness of innovative information security solutions/processes, emerging standards and new threat vectors.

 

Your profile:

  • Bachelor's and/or Master’s degree in Information Technology, Cybersecurity, Business Informatics or comparable experience in Information-/Cybersecurity or IT Audit
  • Certifications like ISO/IEC 27001 Lead Implementer/Auditor, CRISC, CISA or similar are an advantage
  • Knowledge of general legal and regulatory frameworks in the financial industry, for example EBA Guideline on ICT, EU Cybersecurity Act and security risk management
  • Knowledge of industry standards like ISO/IEC 2700x or NIST
  • Analytical skills, critical thinking, ability to identify problems and propose solutions