Share this Job

Data IT Information Security Specialist (f/m/d)

Date: 06-Feb-2019

Location: Frankfurt am Main, HE, DE

Company: Deutsche Börse Group

Group Company: Deutsche Börse AG

Data IT Information Security Specialist (f/m/d) 

Full-time | Permanent

 

Field of activity

Within the CIO/COO area, Data IT is responsible for the delivery of Software Development and IT Operation services for the Data Product, which comprises the three service lines - Data Services, Index Services, and Regulatory Services. The Data IT architecture, underpinning the Data Product, is designed to meet specific business requirements of the service lines. These contain, amongst others, real-time data feeds, ultra-low latency transaction processing, mass transaction processing, and data analytics. The services are built on Deutsche Börse Group standard technologies on premise and on cloud-based platforms. The Information Security specialist is responsible to ensure that the Data IT architecture, organization and processes are compliant with Deutsche Börse Group Information Security policies, standards and requirements, which are based on the ISO/IEC 27xxx standards, Rundschreiben 10/2017 (BA), and other Information Security related regulations. The Information Security specialist shall manage Information Security risks of the Data Product involving internal stakeholders, such as Product Management, Business Operations, and external stakeholders such as service providers, the customers and National Competent Authorities to achieve the ultimate goal to protect the information assets of the Data Product in terms of safety, integrity, confidentiality, authenticity, and availability. As the owner of the Data IT information security process, the Data IT Information Security specialist not only ensures the compliance of the Data IT services themselves, he/she also proves their compliance during internal and external audits and their regular verification as part of the day to day Data IT operations. Moreover, the Data IT security process must be designed to support the ongoing transformation of Data IT into an agile cloud technologies based, fully-fledged DevOps processing organization.

 

Tasks/responsibilities

As the Data IT Information Security specialist, you will have end-to-end responsibility for the Data IT services delivery to be in line with best IT security practices. Therefore, you should have a professional background in Information Security policies, standards and procedures and their implementation in IT organisations, processes and architectures in regulated environments, ideally in the financial markets sector. Your strong interpersonal skills with the ability to communicate clearly and effectively with business and technology stakeholders at all levels will be the driving force behind your work.

  • Work with Data IT service lines, Information Security Department, business and IT projects to develop information security requirements and concepts and coordinate the tracking of related deliverables in Data IT
  • Keep up to date with changing IT security policies and the resulting impacts on Data IT by reviewing new standards, policies, procedures, relevant regulations (e.g. MiFID II, IOSCO, BAIT, ISO/IEC27xxx)
  • Participation in projects and ensuring that all security risks in these projects are identified, evaluated and that recommended security controls are implemented
  • Own and support the execution of the Data IT Vulnerability Management process
  • Understand current as well as emerging security threats and design information security architecture to address key security issues in a forward looking manner
  • Recommend security measures to address cyber threats identified, e.g., defining SIEM use-cases
  • Be informed about the development of the group-wide information security policies, standards, baselines and requirements, as well as other Information Security related regulations.
  • Provide requirements for reporting from the Information Security Department
  • Report to Data IT Management the status on Security Concepts, related Risk Assessments and Risk Registers

 

Qualifications/required skills

  • University or comparable degree in Computer Science, Information Security, Engineering or related discipline
  • 3+ years experience in either IT operations or software development with 2+ years in an information security role is required
  • Broad knowledge of IT and Information Security technologies, operating systems, databases and applications.
  • Excellent understanding of threats, vulnerabilities, security controls and compliance checks
  • Experience in process orientation; knowledge of methods and procedures in the information security sector
  • Excellent analytical skills and experience to understand, structure and prepare/explain complex topics
  • Team orientation and strong communication skills
  • Knowledge of information security, legal and regulatory controls and requirements in the financial industry, for example, ISO/IEC 27xxx, German BSI IT-Grundschutz, COBIT, BAIT, MaRisk
  • Proficiency in written and spoken English, preferable at least basic knowledge of German


Dedication, team and communication skills, flexibility as well as competent handling of MS Office applications round out your profile. There are numerous good reasons to work for us: responsibility at an early stage, attractive social benefits, an international working environment and a broad variety of career opportunities. Applications from disabled persons are welcome.

Are you interested in working with a pleasant and very dedicated team? Convince us with an appealing application. Please use our online application portal.


Deutsche Börse Group, Human Resources
www.deutsche-boerse.com

Keywords: