Data Security Specialist - Cryptography - Group Security (f/m/d)

Apply now »

Date: 1 Apr 2026

Location: Frankfurt am Main, DE

Company: Deutsche Börse Group

Your area of work:

As part of the Cyber Protection – Detect & Prevent unit, you will join a highly skilled, geographically distributed team of cybersecurity specialists based in Eschborn, Luxembourg, Prague and Hyderabad. In this senior role, you will act as a cryptography subjectmatter expert with a strong focus on governance, policy management, risk oversight and assurance. You will contribute to the definition, evolution and oversight of Deutsche Börse Group’s cryptographic and keymanagement protocols and algorithms to support the development, implementation, and evaluation of secure systems and applications, ensuring alignment with internal security frameworks and regulatory expectations. You will work closely with cybersecurity teams, application owners, Corporate IT, cloud and architecture teams to ensure robust security design, consistent policy adherence and resilience against evolving threats.

 

Your responsibilities:

  • Maintain, review and further develop groupwide written rules related to encryption, key management and cryptographic controls.
  • Ensure policies, governance models and procedural requirements remain compliant with regulatory expectations and internal risk frameworks.
  • Define clear organisational responsibilities for cryptographic measures and keymanagement processes across Legal Entities and Corporate IT.
  • Lead periodic guideline reviews, ensuring updates reflect new risks, standards, regulatory changes and emerging cryptographic developments.
  • Define and maintain control requirements for encryption and keymanagement processes, including governance expectations for PKI, certificates and key lifecycle management.
  • Oversee documentation requirements for PKI architecture, certificate authorities and key/certificate registers.
  • Validate that governance principles such as separation of duties, multipleeyes controls, and accessmanagement rules are correctly defined and applied.
  • Coordinate assurance activities and support oversight of compliance with cryptographic governance requirements.
  • Conduct and support cryptographic risk assessments, including evaluations of deviations, exceptions or compensating measures.
  • Analyse the impact of cryptographic policy changes or new regulatory requirements on the organisation’s risk posture.
  • Support audit readiness and act as a primary contact for internal/external auditors and regulators on cryptography governance topics.
  • Oversee incidentresponse processes as they relate to cryptographic key compromise, certificate issues or governance breaches.
  • Provide expert guidance on the secure design and governance of cryptographic protocols, architectures and highlevel security mechanisms (TLS, IPsec, digital signatures, PKI, cloud encryption).
  • Partner with Corporate IT, application teams and cloud/security architects to ensure compliant implementation of cryptographic policies and governance requirements.
  • Support major projects, new product introductions and architectural changes with cryptography governance expertise.
  • Engage in crossfunctional working groups focused on cryptography, secure communications and dataprotection topics.

 

Your profile:

  • Bachelor’s or Master’s degree in Computer Science, Mathematics, Cybersecurity or a related field.
  • Handson experience in applied cryptography, information security, risk management or security governance.
  • Strong understanding of symmetric and asymmetric cryptography (e.g., AES, RSA, ECC)., cryptographic protocols and PKI principles.
  • Familiarity with keymanagement systems, hardware security modules (HSMs), certificate lifecycle management and cloud security concepts (highlevel understanding; implementation performed by Corporate IT).
  • Solid foundation in security governance, security architecture principles or risk management.
  • Ability to communicate complex cryptographic and governance concepts clearly to both technical and nontechnical audiences.
  • Strong attention to detail combined with an analytical mindset and excellent problemsolving skills.
  • Proven ability to work collaboratively in crossfunctional teams and engage effectively with diverse stakeholders.
  • Proficiency in written and spoken English is required; German language skills are a strong plus.
  • Highly motivated, adaptable and proactive in learning and staying current with emerging cryptographic and regulatory developments.