Tracing its origins to 1585, Deutsche Börse Group has become one of the world’s leading exchange organisations and an innovative market infrastructure provider. In this role, we provide investors, financial institutions and companies access to global capital markets. By creating trust in the markets of today and tomorrow we foster growth and contribute to the prosperity of future generations. What’s your part in all this? With your commitment you contribute to the success of our unique business model: offering a wide range of products, services and technologies, covering the entire value chain of global financial markets.
Information Security Risk Assurance Officer
Clearstream Banking S.A. • Luxembourg
Who we are
Your career at Deutsche Börse Group
Clearstream Banking S.A.
As an international central securities depository (ICSD) headquartered in Luxembourg, Clearstream Banking S.A. operates the post-trading business – i.e. issuance, settlement and custody – for the Eurobond market and services for securities from over 55 domestic markets worldwide.
Field of activity:
Clearstream is an international financial institution offering post-trade infrastructure and securities services for markets worldwide with more than €14 trillion in assets under custody and 2,500 customers in 110 countries.
The Clearstream Information Security (IS) second line of defense organization is responsible for information security governance, cyber resilience strategy, risk management and oversight, and assurance and compliance activities worldwide for legal entities, branches, and representative offices in scope with direct reporting lines to the corresponding executive boards.
The Information Security Risk Assurance Analyst will support the Chief Information Security Officer of Clearstream Banking S.A. in the implementation, maintenance and monitoring of a strategic and comprehensive Enterprise IS Risk Management Program within the Second Line of Defense that governs and enables IS Risk management activities, oversees risk profile and controls the effectiveness of remedial measures in accordance with internal policies, regulatory expectations and evolving business strategy.
- Ensure that relevant cyber threats, significant security vulnerabilities, and security risks are identified, analyzed, tracked, reported, and remediated by the First Line of Defense, and that the remedial measures are effective in reducing risk levels.
- Support the implementation and maintenance of the information security governance and risk assurance programs, including the analysis of the threat landscape, assessment of significant vulnerabilities, and reporting on risk profile.
- Complement existing risk and vulnerability assessments of planned and installed information systems to identify additional protection needs.
- Analyze information security risk assurance-related outcome(s) and provide engineering and technical recommendations to mitigate weaknesses.
- Actively and professionally engage with IT operations and IT/Business products to enable adequate risk decisions (with the support of a senior analyst).
- Review the root causes of security breaches and incidents, research and recommend changes to the information security framework to strengthen policy requirements.
- Develop an understanding of Post-trade business and progressively reframe technical risk discussions in business terms.
- Contribute to security awareness and remedial efforts, combining pragmatic approaches with sound judgment.
- Ensure employees and third parties understand, acknowledge, and fulfill all applicable information security policy requirements.
- Master’s degree in computer science, network security, or business informatics.
- 3 to 6 years of experience in information security risk management, IT security, physical security, and/or IT audit in the financial sector.
- Penetration testing background (nice to have).
- Strong ability to convey complex IT security issues, security risks, and compliance requirements in a manner that is easily understood and actionable.
- Proven capabilities in vulnerability identification and risk analysis within a complex IT environment.
- Ability to constructively challenge dominant thoughts, processes, and implemented measures.
- Experience in providing value-added, actionable, and pragmatic recommendations.
- Experience with information security regulatory compliance and information security risk management frameworks (e.g., ISO/IEC 27001/27002, COBIT, NIST).
- Good understanding of Clearstream's mission, values, and strategy (nice to have).
- Ability to develop a deep understanding of the business / IT operations and IS risk profile of the organization.
- Ability to collaborate across multiple teams in a multicultural environment.
- Ability to work on multiple deliverables with strict deadlines.
- Excellent written and verbal communication skills.
- Proficiency in written and spoken English, preferably with at least basic knowledge of German and/or French.
Why Deutsche Börse Group?
We are committed to providing a work environment which makes our employees both feel at ease and reach their full potential. Our standards go far beyond simply matching candidates with the right position.
Careers with a future
Whether you are an apprentice, a trainee, a young or experienced professional – with us your career is off to a good start that holds many different paths to develop and reach the next level. Your professional future is in your hands – as a manager, expert or project manager. You can count on our support as well as further education and training measures.
Diversity & Inclusion
We embrace diversity. As the cornerstone of our success, your contribution counts – irrespective of gender, nationality, ethnic or social background, religion or worldview, disability, age, sexual preference and identity.
Exciting, cutting-edge projects
“Boredom” is a concept unknown to us. With us you are part of a company that is shaping the future and where you can make a difference and actively participate – by supporting companies and start-ups going public, developing trading technologies or designing the cloud infrastructure for a highly regulated environment.
We at Deutsche Börse create trust in the markets of today and tomorrow. Our collaborative efforts are defined by integrity, responsibility and transparency as well as by mutual respect and appreciation, both within our organisation and externally.
Our market infrastructures are connected globally: whether in Singapore, London, Chicago, Luxembourg or Dubai – working with us means collaborating with colleagues and teams across 40 locations from more than 100 nations.
Security and growth
Our company is experiencing healthy growth, not least due to our diversified business model. As a globally active exchange organiser, we provide market participants with consistently safe infrastructures that stimulate growth along the entire value chain. For you this means: a secure and promising workplace!
Our employees work in great teams and therefore enjoy working with us. This is reflected in our annual employee surveys. No matter how great the challenges posed by the markets might be – we support each other, work together closely to successfully complete projects and face change with a positive, collaborative approach.
We offer a work environment in which professional and private life can interact individually. Flexible working time models, allowance for childcare, working remotely, studying alongside your job or part-time models – we give you the opportunity to adapt your job to your life situation.