Your career at Deutsche Börse Group

Area of work:

Clearstream is a large international financial institution offering post-trade infrastructure and securities services for the international and domestic markets worldwide.

The ICT risk management control function plays a pivotal role in safeguarding our organization against technological and information security risks. We partner closely with product, technology, security, and risk teams to ensure the resilience of our systems and services. We actively manage technology risks, steer ICT risk governance and framework design, perform focused risk assurance, and enable compliance for legal entities, branches, and representative offices in scope with direct reporting line to the corresponding executive boards.

The ideal candidate will have a deep understanding of technology audit and security engineering background, also comfortable working cross functionally.

Your responsibilities:

The 2LOD Senior Associate will be working on assuring that material technology/information security technical risks are identified, analyzed, reported, and effectively remediated by relevant stakeholders.

In addition, he/she will play an active role ensuring that (1) technical controls deemed necessary for the mitigation of those risks are designed and operating effectively, and (2) applicable information security compliance requirements are consistently implemented. 

More specifically:

• Analyze information security risk-related technical problems and provides engineering and technical recommendations for solving those problems
• Conduct technical security audits and support reporting on material risks
• Complement existing risk and vulnerability assessments of planned and installed information systems to identify material vulnerabilities, risks, and protection needs
• Actively and professionally engage with operations and IT to drive adequate security decisions

Your profile:

• Master’s degree in computer science, network security, or related technical field
• Minimum 3 years of experience in security engineering or security audits
• Strong ability to convey complex IT security issues and related technology risks in a manner that is easily understood and actionable
• Ability to effectively analyze information security risks within the context of complex IT environment and to provide value-added/actionable recommendations
• Ability to collaborate across multiple teams in a multicultural environment
• Ability to develop a full and deep understanding of the business / IT operations and related security measures
• Experience with information security regulatory compliance and information security risk management frameworks (nice to have)
• Proficiency in written and spoken English, German is nice to have