Information Security Risk Officer

Tracing its origins to 1585, Deutsche Börse Group has become one of the world's leading exchange organisations and an innovative market infrastructure provider. In this role, we provide investors, financial institutions and companies access to global capital markets. By creating trust in the markets of today and tomorrow we foster growth and contribute to the prosperity of future generations. Deutsche Börse Group is an international company, headquartered in Frankfurt/Main, Germany. With more than 6,700 employees, the company has a strong global presence for its customers all over the world, including Luxembourg, Prague, Chicago, London, Cork, New York and many other locations. Clearstream is a leading European supplier of post-trading services. The wholly owned subsidiary of Deutsche Börse ensures that cash and securities are promptly and effectively delivered between trading parties. Clearstream Luxembourg offers an international, diverse and inclusive working environment. There are numerous good reasons to work for us: high level of responsibility at an early stage, attractive benefits and a broad variety of career opportunities.

Your area of work

In your new position, you have a unique opportunity to be part of an expanding department at the core of a thrilling global business.

The Information Security Risk Management team is responsible for the enforcement of the Information Security Framework in close collaboration with CISO and other central functions like Group Risk, Compliance Management and Data Privacy.

In the advertised position you will be focused on the Cyber Risk Management, our core competence, consulting our business partners and management on IT Security Risk Management matters. Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions following the regulatory requirements and the best industry practices.

Your strong interpersonal skills with the ability to build trust with business and technology stakeholders at all levels will be the driving force behind your work in a friendly, co-operative and supportive environment.

**Responsibilities**:
You consult the departments and management on IT Security Risk Management matters.

You conduct IT Security Risk Assessments, assuring proper risk identification in accordance with the Information Security Framework, and monitoring the risk remediation.

You contribute to strategic Cyber Security projects like Cloud Security.

You develop and maintain the Information Risk Management Framework to meet the business strategy, regulatory requirements and the best industry practices.

You maintain trusted relationships with our business stakeholders, e.g. Risk Owners, Chief Information Security Officer, Compliance Officer, Product Security Leads and Internal/External Audit.

**Profile**:
Bachelor's and/or Master's degree in Information Technology, Cybersecurity, Business Informatics or comparable education

5+ years of experience in Cybersecurity or IT Audit

Certifications like CISM, CRISC, CISA or similar is an advantage

Knowledge of general legal and regulatory frameworks in the financial industry, for example EBA Guidelines on ICT and security risk management, Dora, NIS2, and industry standards like ISO/IEC 2700X or NIST

Strong analytical skills, critical thinking, ability to identify problems and propose solutions

Autonomous and resilient, with strong planning and organization skills

Exceptional communication and stakeholder management skills, both verbal and written in English (German and French would be considered an asset)