Team Lead Threat Intelligence and Threat Hunting

Build the future of financial markets. Build yours.

Ready to make a real impact in the financial industry? At Deutsche Börse Group, we'll empower you to grow your career in a supportive and inclusive environment. With our unique business model, driven by 15,000 colleagues around the globe, we actively shape the future of financial markets. Join our One Global Team

Want to learn more?

Who we are

Deutsche Börse Group is one of the world's leading exchange organisations and an innovative market infrastructure provider. With our products and services, we ensure that capital markets are fair, transparent, reliable, and stable. Together, we develop state-of-the-art IT solutions and offer our IT systems all over the world. Play a key role in our mission: to create trust in the markets of today and tomorrow.

Frankfurt am Main

Your career at Deutsche Börse Group

Your area of work:

The Group Security department directly contributes to execution of the Deutsche Börse Group information security strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets in terms of safety, integrity, confidentiality, authenticity, and availability by enforcing information security controls based on the relevant regulatory requirements and follows the international standard ISO/IEC 27000-series on the Information Security Management System.

Reporting to the Head of Cyber Defense, you will lead Threat Intelligence and Threat Hunting unit, accountable for providing regular cyber and geo-political threat intelligence (TI) updates to senior management, and support Group Security management in board-level presentations, emphasizing effective collaboration with internal stakeholders. Daily interactions occur with senior individuals across Deutsche Börse Group's global businesses, and engagement extends to government agencies, financial organizations, and cybersecurity communities to exchange information and best practice.

Operating strategically and globally, the role ensures TI policies adapt to diverse business landscapes and evolving cyber threats. Tactically, focus lies on current and imminent cyber threats, entailing the development and fine-tuning of threat detection and response mechanisms. Operationally, the role manages day-to-day TI activities, guiding the team in real-time data analysis and ensuring timely responses to threats, aligning activities with strategic and tactical goals. As a line manager, people management must be an integral part of your agenda. You are expected to actively work on your teams' and team member's personal development by proposing development measures and creating visibility for talent. As part of the Group Security Leadership team, you will be tasked to make an effective contribution towards increasing the team's diversity.

Your responsibilities:

• Accountable for developing and implementing Deutsche Börse Group's global threat intelligence (TI) strategy.
• Assess global threat trends and formulate high-level policies for long-term TI vision.
• Oversee the development of real-time threat detection and response mechanisms.
• Conduct regular risk assessments and devise specific countermeasures for imminent cyber and geo-political threats.
• Direct day-to-day threat intelligence activities, ensuring real-time monitoring and analysis of data.
• Lead and mentor a diverse team of 4-5 TI professionals, fostering a collaborative workforce.
• Engage with internal and external stakeholders for information sharing and joint initiatives.
• Provide clear and concise reports on current threats to global senior management.
• Execute key operational decisions with high impact on attacks and threats, incorporating intelligence for enhanced proactive and reactive operations.

Your profile:

• University degree in Information Systems, Political Science, or a related field.
• 5+ years of work in TI role with management/project experience.
• Excellent people management skills, experience of managing international teams.
• In-depth knowledge of relevant legal and regulatory frameworks in the financial industry (e.g., MaRisk, BAIT, German BSI IT-Grundschutz, CSSF circulars) and industry standards.
• Ability to translate regulatory requirements into operational plans and actions.
• Solid knowledge and understanding of cyber technologies, processes, and methodologies (e.g., SIEM, IDS/IPS, threat analysis, incident response, forensics analysis, MITRE ATT&CK).
• Deep understanding and experience with dark web intelligence gathering, as well as applying the gathered intelligence in the context of a dynamic and fast-paced investigation.
• Expertise with tools that enable threat intelligence collection, analysis, and research.
• Excellent analytical skills, creativity, critical thinking, ability to identify and present problems and to propose solutions.
• Proficiency in written and spoken English and German.

Why Deutsche Börse Group?

We are committed to providing a work environment where everyone feels welcome and can reach their full potential. Our standards go far beyond simply matching candidates with the right position.

Mobility

We enable you to move freely with our job tickets, job (e-)bikes and free parking opportunities.

Work environment

Collaboration, communication, or deep focus – in our modern office buildings you will find the perfect work environment. Free drinks and food and meal allowances included.

Health and wellbeing

We care for your health and wellbeing and besides various health promotion measures we offer you a group accident insurance and additional insurance offers at discounted rates.

Financial stability

We provide financial stability by offering attractive salaries, company pension schemes, participation in our Group Share Plan, as well as bonuses, subsidies and discounts.

Hybrid work

Collaborate and exchange on-site or work remotely several days a week in line with business needs and local regulations. Our hybrid working model combines the best of both worlds.

Flexible working hours

We want your job to fit your life situation and offer flexible working time models, childcare allowance, or the possibility to study alongside your job.

Internationality

Our market infrastructures are globally connected. Working with us means collaborating with like-minded colleagues across over 60 locations from more than 100 nations.

Development

We promote individual development by offering internal development programmes, mentoring, further education and training budgets.

Contact

Recruiting Team

Take your career to the next level with us and embrace new challenges

Our Recruiting Team is looking forward to your call or e-mail.

---