(Junior) Information Security Officer (f/m/d)

This position is limited for 13 months.

Your area of work
Eurex Clearing AG Information Security 2nd Line of Defense organisation is responsible for the cyber security risk assurance program, cyber resilience, awareness and steering of processes, controls and compliance activities in the field of Information Security. Line of reporting is to the Chief Risk Officer of Eurex Clearing AG.   

Your responsibilities

• You will be supporting the Eurex Clearing AG Chief Information Security Officer in a 2nd Line of Defense function 
• You will receive a thorough training-on-the job and from day one on be tasked with own responsibilities under the supervision and with guidance of experienced colleagues of diverse professional background
• Support the implementation and maintenance of the information security risk assurance program, including control requirements consistent with ISO 27000-series based on the analysis of the threat landscape, applicable policies, standards, and regulations
• Analyse, improve and document information security aspects in relevant business and IT processes
• Conduct risk assessments and support reporting on material risks and further Information Security related topics as part of reporting to boards & committees
• Provide required evidence in audits (internal audits, regulatory audits, self-assessments, or customer questionnaires)
• Conduct ongoing and yearly review tasks regarding risk management, outsourcing and material Change Management
• Support track incidents together with CERT
• Actively and professionally engage with business operations and IT in conversations that drive adequate Information Security risk decisions as well as risk treatment
• Ensure employees and third parties understand, acknowledge, and fulfil all applicable information security policy requirements

 
Your profile

• University degree (master or diploma) in physics, mathematics, IT or business administration or comparable education
• Preferably strong interest in Cyber / IT security, information security risk management, or IT audit in the financial sector
• Analytical skills to understand, structure and prepare/explain complex topics
• High self-responsibility & ownership; result orientation and (internal) customer focus
• Ability to develop a full and deep understanding of the business / IT operations and related information security risks
• Proficiency in written and spoken German and English