Specialist ICT Risk Strategy & Methodology (f/m/d)

Apply now »

Date: 14 Aug 2025

Location: Frankfurt am Main, DE

Company: Deutsche Börse Group

Location: Frankfurt or Prague

Your area of work:

The ICT Risk Strategy & Methodology unit as part of the Deutsche Börse Group (DBG)’s ICT risk second line of defense, is responsible for the development, maintenance and continuous improvement of the digital operational resilience strategy, the ICT risk management methodology, the threat landscape and the shaping and promotion of a security culture within Deutsche Börse Group. Further, we act as independent challengers & advisors to large scale transformation and security programs within the group.

As a Specialist you will significantly contribute to Deutsche Börse Group strategic ambitions of operating a threat-based ICT risk management and thereby contribute to strengthening our resilience against increasing threats such as cyber attacks.

Your responsibilities:

  • Contribute to the operation and evolvement of the Deutsche Börse DOR Strategy, ICT Risk Management Policy, and ICT Risk Management Methodology.
  • Collaborate with stakeholders across various departments to identify, assess, and mitigate ICT risks.
  • Support the ongoing enhancement of ICT risk management framework and processes.
  • Provide expert guidance and support on ICT risk-related matters.
  • Support and oversee the activities to maintain compliance with DORA requirements for DBAG.
  • Provide advisory and training sessions on risk management methodologies and digital resilience.  

Your profile:

  • You have completed your university degree in a field related to information security, IT, risk management, business informatics or related fields.
  • You have proven work experience (3-5 years) in the area of IT, Information Security, Governance, Compliance, or comparable functions.
  • You are familiar with cyber risk quantification approaches (quantitative and qualitative) and scenario-based analysis.
  • You are experienced in working with regulatory frameworks and risk management methodologies and standards (e.g. DORA, ISO27001 or NIST).
  • You own strong analytical, social and methodological skills and are eager to develop these further.
  • A result-oriented working method in a team is self-evident for you.
  • You own strong analytical, problem-solving, and communication skills to challenge and advise stakeholders.
  • You have a sound understanding of IT and Information Security risk management principles and practices.
  • Ability to work effectively both independently and as part of a team in a multicultural environment.
  • Proficiency in written and spoken English; German language skills will be a strong benefit.