DevSecOps Engineer - Energy (f/m/d)

Deutsche Börse Group is a financial services provider covering the full value chain of trading, clearing, settlement and market data for stocks and derivatives. Our global success is based on our highly integrated and automated IT solutions that form the core of Deutsche Börse and allow companies and investors accessing global capital markets. More than a thousand of employees implement IT strategies through technological applications grouped in several key Sections, thereby ensuring the competitiveness of the entire Group. For our Section "Energy”, we are looking for a dedicated Security Engineer to overlook our globally leading trading systems for energy and commodities markets. The tradable instruments cover a wide variety such as Power Spot instruments, commodity futures and OTC cleared derivatives most of which are tradable 24/7, 365 days a year.
 

Your area of work:

Security Engineering and Automated Operations is part of how we keep our customers safe in a continuously changing world. Being DevSecOps Engineer, you will be joining to a cross location Systems Engineering team who is responsible for 24/7 mission critical infrastructure of Commodities Trading and Clearing Systems and platforms with Everything as Code approach. With the responsibility of enhancing IT security across our product-based organization you will be contributing with the design, deploy, and operation of solutions to strengthen our security backbone.

This position requires a profile with a security background on both OnPrem/Cloud environments. You will be expected to identify vulnerabilities and security flaws proactively, determine the potential risk of reported issues quickly, drive for the right architecture decisions across many teams to harden our infrastructure and educate other members of the technical teams.

Your responsibilities:

• Contribute designing security strategies and corresponding controls upfront into the services and products of Energy IT
• Foster knowledge sharing and skill transfer.
• Support the lead security engineer in acting as primary interface to other internal teams.
• Ensure necessary security controls, tools and standards are deployed according to design.
• Enhance the quality in secure infrastructure and remove toil work through everything as code approach.
• Provide subject matter expertise for compliance requirements based on corresponding information security standards.
• Proactively assess existing cloud-based Energy IT solutions, identify weaknesses and corresponding mitigations
• Support the Risk Management and Vulnerability Management processes.
• Support external vendors for performing annual penetration tests.
• Collaborate with internal Dev and Ops units to establish IT security best practices.
• Create technical and procedural documentation to be shared with necessary stakeholders.
   

Your profile:

• Bachelor's degree or equivalent in Computer Science, Information Systems Management, Information Technology, or other related discipline
• 2+ years’ professional experience as a Security Engineer
• Strong knowledge of security protocols and standards
• Hands-on experience for on-prem security hardening on Linux based systems
• Hands-on experience with cloud security hardening, cloud provider ecosystems (GCP)
• Knowledge of PAM and IAM work frames
• Familiar with the security hardening of DevOps processes
• Familiar with Risk Management and Vulnerability Management
• Strong documentation skills
• Ability to bridge between IT and Corporate staff such as Legal, Compliance and Audit sections
• Hands-on experience in designing and implementing automated security testing
• Strong written and oral communication and analytical problem-solving skills
• Good understanding of regulatory conditions and requirements in the finance IT (BaIT, KRITIS, etc.)
• CISSP certification is a plus. (E.g ISO 2700x, German BSI IT Grundschutz, COBIT, MaRisk)