Cyber Security Risk Management Specialist

**Build the future of financial markets. Build yours.**:
Ready to make a real impact in the financial industry? At Deutsche Börse Group, we'll empower you to grow your career in a supportive and inclusive environment. With our unique business model, driven by 15,000 colleagues around the globe, we actively shape the future of financial markets. Join our One Global Team

**Want to learn more?**

**Who we are**:
Deutsche Börse Group is one of the world’s leading exchange organisations and an innovative market infrastructure provider. With our products and services, we ensure that capital markets are fair, transparent, reliable, and stable. Together, we develop state-of-the-art IT solutions and offer our IT systems all over the world. Play a key role in our mission: to create trust in the markets of today and tomorrow.

Frankfurt am Main

**Your career at Deutsche Börse Group**:
The Group Security department directly contributes to the Deutsche Börse Group ICT strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets in terms of safety, integrity, confidentiality, authenticity and availability by enforcing ICT controls based on the relevant regulatory requirements and the international standards like ISO 2700x-series on the Information Security Management System.

**Area of work**:
In this role, you will have a unique opportunity to contribute to a growing department at the heart of a dynamic global capital markets business. As part of the Information Security Risk Management team, you will help enforce the ICT Risk Framework in close collaboration with the CISO, Group Risk, Compliance Management, and Data Privacy functions.

Your primary focus will be on Cybersecurity Risk Management, our core area of expertise. You will act as a trusted advisor to business partners and senior management, providing expert consultation on cybersecurity risk matters. In addition, you will support a variety of ICT risk-related initiatives, helping to ensure that solutions are robust, compliant with regulatory requirements, our business strategy and aligned with industry best practices.

Your proactive mindset and strong interpersonal skills will be key to building trust and fostering collaboration with stakeholders across business and technology. You will thrive in a friendly, cooperative, and supportive environment that values initiative and teamwork.

**Your responsibilities**:

- Provide expert consultation to the organization on Cyber Security Risk Management matters supporting informed decision-making.
- Support the development and implementation of risk treatment plans, ensuring appropriate mitigation strategies are in place.
- Maintain and enhance risk assessment methodologies and tools to ensure consistency and effectiveness.
- Collaborate with internal stakeholders (e.g., asset owners, security teams, risk decision makers) to identify, evaluate, and mitigate cyber risks.
- Monitor and report on the status of identified risks and treatment actions, ensuring timely resolution and escalation where necessary.
- Contribute to the continuous improvement of the ICT Risk Framework and related policies and procedures.
- Assist in preparing documentation and evidence for internal audits and regulatory reviews.

**Your profile**:

- Master’s degree in information technology, Cybersecurity, Business Informatics or comparable education.
- 3+ years of experience in IT risk management, Cybersecurity, GRC, IT Audit or similar.
- Familiar with general legal and regulatory frameworks in the financial industry, for example DORA, NIS2, EBA Guidelines on ICT and security risk management, and industry standards like ISO/IEC 2700x or NIST.
- Certifications like CRISC, CISA, ISO 27001 Lead Implementer or similar is an advantage.
- Strong analytical skills and problem-solving skills, with attention to detail.
- Autonomous and resilient, with strong planning and organization skills.
- Excellent communication and interpersonal skills, with the ability to engage stakeholders across all levels both verbal and written in English (German would be considered an asset).

**Why Deutsche Börse Group?**:
**Mobility**:
We enable you to move freely with our job tickets, job (e-)bikes and free parking opportunities.

**Work environment**:
Collaboration, communication, or deep focus - in our modern office buildings you will find the perfect work environment. Free drinks and food and meal allowances included.

**Health and wellbeing**:
We care for your health and wellbeing and besides various health promotion measures we offer you a group accident insurance and additional insurance offers at discounted rates.

**Financial stability**:
We provide financial stability by offering attractive salaries, company pension schemes, participation in our Group Share Plan, as well as bonuses, subsidies and discounts.

**Hybrid work**:
Collaborate and exchange on-site or work remotely several days a week in