Senior Cyber Security Engineer

Senior Cyber Security Engineer (gn)

Location: All Hubs, Stuttgart preferred

At the Boerse Stuttgart Group, we are the sixth-largest stock exchange group in Europe with strategic pillars in the capital markets business as well as in the digital and crypto business. In the capital markets sector, we operate stock exchanges in Germany, Sweden, and Switzerland, and CATS, a European over-the-counter trading network. The group also includes EUWAX AG, an internationally active broker.

Pioneers #Disruption #Blockchain #Tokenized Assets #Europe
. Are you interested in these terms? Then you've come to the right place. The Stuttgart Stock Exchange Group aims to revolutionize existing capital markets and create an open, unified capital market union in Europe through the use of blockchain technology. With the newly founded fintech Seturion in Stuttgart and BX Digital in Zurich, we are developing an innovative, pan-European and future-proof solution for the capital market. We work at the nexus of traditional financial services and new blockchain technologies.

Your Role

As
Senior Cyber Security Engineer
, you will report directly to our CTO and build a
holistic IT security function
with equal focus on the
confidentiality, integrity, and availability
of data and IT systems, alongside the specific challenges of cybersecurity.

While the gradual build-up and leadership of the IT Security team is part of your responsibilities, we are looking for someone who does not see this primarily as a management role. Instead, you bring a
hands-on IT security perspective
based on solid experience as an engineer. You are not afraid to intervene in processes, enforce necessary adjustments, and take ownership of key security operations.

This role gives a passionate IT security leader the opportunity and authority to thrive in a technically challenging environment where your contribution is seen as
absolutely critical to the company's success.

Would you like to actively shape the digital future of a leading financial company? Then apply now and become part of our team We look forward to receiving your application.

Your Tasks

• IT security framework & policies:
  Implement and oversee the company's IT security framework, define policies, standards, and key controls, and ensure they are applied consistently across all systems and processes.
• Cybersecurity by design:
  Integrate security into every phase of the system development life cycle (SecDevOps), ensuring security is a core element of product and platform design.
• Risk & compliance management:
  Continuously evaluate the company's IT risk posture, conduct risk analyses, and ensure compliance with relevant regulations and industry standards (e.g., DORA, BAIT).
• Business continuity:
  Manage business continuity planning and disaster recovery, ensuring resilience of critical systems.
• Operational security responsibilities:
  Take ownership of access management, monitoring of security-critical systems, and other high-trust security tasks.
• Certifications & audits:
  Lead IT security certification initiatives and support audits with internal and external stakeholders.
• Incident response:
  Direct incident management and crisis response, coordinating immediate actions and long-term remediation.
• Culture & awareness:
  Drive cybersecurity awareness and training programs, fostering a company-wide culture of strong security practices.
• Ownership:
  Take ownership of IT security initiatives and align with group-wide policies, with the opportunity to build, mentor, and lead a high-performing team as the function grows.
• External engagement:
  Represent the company on IT security topics in collaboration with partners, clients, auditors, and regulators.

What You Bring to the Table

• Experience:
  At least 5 years of professional experience in information security, ideally in a regulated environment (finance or crypto preferred), with exposure to both hands-on engineering and some leadership responsibility.
• Engineering background:
  Solid working experience as a systems engineer with strong technical expertise in IT infrastructure, networking, and cybersecurity technologies (e.g., firewalls, intrusion detection/prevention systems, VPNs, authentication, encryption).
• Frameworks & standards
  : Familiarity with major security frameworks and regulatory requirements, including ISO 27001, NIST Cybersecurity Framework, SOC II, CIS Controls, GDPR, DORA, BAIT, and NIS2; proven ability to implement or work with certification processes.
• Certifications:
  Professional security certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
• Education:
  University degree in computer science, information security, or a related technical field (or equivalent practical experience).
• Languages:
  Fluency in English (written and spoken) is required; German skills are a strong plus.
• Strategic mindset:
  Ability to combine a hands-on, operational approach with a forward-looking view to align security measures with business objectives.
• Startup drive:
  Pragmatic, solution-oriented, and willing to go the extra mile in a fast-paced environment where initiative and accountability are valued.

What We Offer You

• Dynamic and Innovative Environment:
  Work in the midst of a dynamic, fast-growing, and innovative sector of Digital Assets
• Challenging Tasks:
  Engage in exciting activities with opportunities for personal and professional development
• Attractive Compensation:
  Competitive remuneration that rewards success and performance
• Modern Hybrid Work Environment:
  Hybrid work opportunities in Stuttgart, Berlin, or Frankfurt with flexible working hours.
• Additional Benefits:
  Perks such as bike leasing, Workflex (up to 20 days/year working in a European country of your choice), and 30 days of vacation, plus extra days off on December 24th and 31st.
• Excellent Network:
  Access to a network of leading financial institutions and key players in the financial market.

Join our team and become part of our success story