Join our international team that drives positive change, united by a spirit of openness and curiosity. We empower you to have an impact and to grow – personally and professionally. With us, you work at the heart of financial systems and evolve the way markets operate. We’re excited about the future because we are the ones shaping it. Let´s do this together by sharing value!
DevSecOps Engineer - Energy (f/m/d)
Deutsche Börse AG • Frankfurt am Main, Prague
Learn. Develop. Grow. But always: Share value
Who we are
Tracing its origins to 1585, Deutsche Börse Group has become one of the world’s leading exchange organisations and an innovative market infrastructure provider. In this role, we provide investors, financial institutions and companies access to global capital markets. What’s your part in all this? With your commitment you contribute to the success of our unique business model: offering a wide range of products, services and technologies for security, transparency and integrity on the markets. By creating trust in the markets of today and tomorrow we foster growth and contribute to the prosperity of future generations.
Frankfurt am Main, Prague
Your career at Deutsche Börse Group
Deutsche Börse Group is a financial services provider covering the full value chain of trading, clearing, settlement and market data for stocks and derivatives. Our global success is based on our highly integrated and automated IT solutions that form the core of Deutsche Börse and allow companies and investors accessing global capital markets. More than a thousand of employees implement IT strategies through technological applications grouped in several key Sections, thereby ensuring the competitiveness of the entire Group. For our Section "Energy”, we are looking for a dedicated Security Engineer to overlook our globally leading trading systems for energy and commodities markets. The tradable instruments cover a wide variety such as Power Spot instruments, commodity futures and OTC cleared derivatives most of which are tradable 24/7, 365 days a year.
Your area of work:
Security Engineering and Automated Operations is part of how we keep our customers safe in a continuously changing world. Being DevSecOps Engineer, you will be joining to a cross location Systems Engineering team who is responsible for 24/7 mission critical infrastructure of Commodities Trading and Clearing Systems and platforms with Everything as Code approach. With the responsibility of enhancing IT security across our product-based organization you will be contributing with the design, deploy, and operation of solutions to strengthen our security backbone.
This position requires a profile with a security background on both OnPrem/Cloud environments. You will be expected to identify vulnerabilities and security flaws proactively, determine the potential risk of reported issues quickly, drive for the right architecture decisions across many teams to harden our infrastructure and educate other members of the technical teams.
- Contribute designing security strategies and corresponding controls upfront into the services and products of Energy IT
- Foster knowledge sharing and skill transfer.
- Support the lead security engineer in acting as primary interface to other internal teams.
- Ensure necessary security controls, tools and standards are deployed according to design.
- Enhance the quality in secure infrastructure and remove toil work through everything as code approach.
- Provide subject matter expertise for compliance requirements based on corresponding information security standards.
- Proactively assess existing cloud-based Energy IT solutions, identify weaknesses and corresponding mitigations
- Support the Risk Management and Vulnerability Management processes.
- Support external vendors for performing annual penetration tests.
- Collaborate with internal Dev and Ops units to establish IT security best practices.
- Create technical and procedural documentation to be shared with necessary stakeholders.
- Bachelor's degree or equivalent in Computer Science, Information Systems Management, Information Technology, or other related discipline
- 2+ years’ professional experience as a Security Engineer
- Strong knowledge of security protocols and standards
- Hands-on experience for on-prem security hardening on Linux based systems
- Hands-on experience with cloud security hardening, cloud provider ecosystems (GCP)
- Knowledge of PAM and IAM work frames
- Familiar with the security hardening of DevOps processes
- Familiar with Risk Management and Vulnerability Management
- Strong documentation skills
- Ability to bridge between IT and Corporate staff such as Legal, Compliance and Audit sections
- Hands-on experience in designing and implementing automated security testing
- Strong written and oral communication and analytical problem-solving skills
- Good understanding of regulatory conditions and requirements in the finance IT (BaIT, KRITIS, etc.)
- CISSP certification is a plus. (E.g ISO 2700x, German BSI IT Grundschutz, COBIT, MaRisk)
Why Deutsche Börse Group?
We are committed to providing a work environment where everyone feels welcome and can reach their full potential. Our standards go far beyond simply matching candidates with the right position.
We enable you to move freely with our job tickets, job (e-)bikes and free parking opportunities.
Collaboration, communication, or deep focus – in our modern office buildings you will find the perfect work environment. Free drinks and food and meal allowances included.
Health and wellbeing
We care for your health and wellbeing and besides various health promotion measures we offer you a group accident insurance and additional insurance offers at discounted rates.
We provide financial stability by offering attractive salaries, company pension schemes, participation in our Group Share Plan, as well as bonuses, subsidies and discounts.
Collaborate and exchange on-site or work remotely several days a week in line with business needs and local regulations. Our hybrid working model combines the best of both worlds.
Flexible working hours
We want your job to fit your life situation and offer flexible working time models, part-time models, childcare allowance, or the possibility to study alongside your job.
Our market infrastructures are globally connected. Working with us means collaborating with like-minded colleagues across over 60 locations from more than 100 nations.
We promote individual development by offering internal development programmes, mentoring, further education and training budgets.