Senior IT Risk Management Specialist (f/m/d)
Date: 13 Dec 2024
Location: Prague, CZ
Company: Deutsche Börse Group
Your area of work:
In your new position, you have a unique opportunity to be part of an expanding department at the core of a thrilling global business.
The Information Security Risk Management team is responsible for the enforcement of the Information Security Framework in close collaboration with CISO and other central functions like Group Risk, Compliance Management and Data Privacy.
In the advertised position you will be focused on the Cyber Risk Management, our core competence, consulting our business partners and management on IT Security Risk Management matters. Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions following the regulatory requirements and the best industry practices.
Your strong interpersonal skills with the ability to build trust with business and technology stakeholders at all levels will be the driving force behind your work in a friendly, co-operative and supportive environment.
Your responsibilities:
- You consult the departments and management on Cyber Risk Management matters.
- You manage and lead the Information Risk Management service delivery.
- You consult Business Owners on the IT Security Risk Assessments, assuring proper risk identification and assessment in accordance with the Information Security Framework, and monitoring the risk remediation.
- You contribute to strategic Cyber Security projects like Cloud Security.
- You develop and maintain the Information Risk Management methodology - process - tooling to meet the business strategy, regulatory requirements and the best industry practices.
- You maintain trusted relationships with our business stakeholders, e.g. Risk Owner(s), Chief Information Security Officer, Compliance Officer(s), Technical Information Security Officer(s), and Internal/External Audit.
Your profile:
- Bachelor's and/or Master’s degree in Information Technology, Cybersecurity, Business Informatics or comparable education
- 5+ years of experience in IT risk management, Cybersecurity, IT Audit or similar
- Certifications like ITIL, CISM, CRISC, CISA, PMP or similar is an advantage
- Knowledge of general legal and regulatory frameworks in the financial industry, for example EBA Guidelines on ICT and security risk management, DORA, NIS2, and industry standards like ISO/IEC 2700x or NIST
- Strong analytical skills, critical thinking, ability to identify problems and propose solutions
- Autonomous and resilient, with strong planning and organization skills
- Exceptional communication and stakeholder management skills, both verbal and written in English (German would be considered an asset)
You can look forward to our benefit package:
- Hybrid Work and Flexible working hours
- Work from abroad - 12 days of remote work from EU countries per year
- Group Share Plan - discount on company shares
- Pension fund contribution - 3% of your gross salary (5% after 5 years with us)
- Health & Wellbeing - fully covered Multisport card, life & accident insurance, sick days and 100% salary contribution during sick leave (up to 56 days)
- 25 vacation days
- Mobility - fully covered public transport in Prague & free parking
- Flexible Benefit Account (Pluxee) - 1200 per month
- Personal Development - annual budget of €690 ... and way more!