Information Security Specialist (Clearing and Settlement Systems) (f/m/d)

Your area of work:
Deutsche Börse Group is one of the largest exchange organizations worldwide. Information Technology designs, builds, and operates the technological infrastructure of the company. These highly integrated and automated IT systems are essential to our success. The Settlement department is responsible of real-time banking applications in the post-trade processing area of Clearstream/DBAG.

We are looking for Information Security Specialist to work in our team located in Prague, Czech Republic. Main tasks and responsibilities focus on assessments and analyses of security standards, vulnerabilities, risks etc. for business-critical applications developed & maintained within our unit.

Your responsibilities:

• Work on Security Documentation, Authorization Concepts, Risk Assessments, taking care about opened risks tracing when the proper solution will be implemented.
• Participation and assistance during the penetration testing.
• Ensuring that all security risks in committed projects are identified, evaluated and that recommended security controls are implemented.
• Description of software requirements originating in IT Security requirements.
• Assistance to application owners assessing security risks and planning/executing security measures related to the applications in scope.
• Maintenance of high level of procedural documentation complying with international standards of Quality Management
• Achieve compliance with internal and external standards applicable to the design and documentation of solutions or mitigated actions.
• Stay abreast of new information security technologies and integrate into information security architecture design.

Your profile:

• Bachelor's and/or Master’s degree in IT, Cybersecurity, Business Informatics or comparable education
• At least 1 year of experience in Cybersecurity / ISRM
• Experience in IT audit will be of advantage
• Knowledge of general legal and regulatory frameworks in the financial industry, e.g., EBA Guidelines on ICT and security risk management, NIS2, MaRisk, and industry standards like ISO/IEC 2700x or NIST
• Knowledge of Risk management methodologies and technical mitigation understanding
• Good understanding of technology concepts
• Understanding of basic Security framework concepts
• Cloud fundamentals (GCP*) will be adding an advantage
• Docker, Kubernetes/OCP basics would be plus
• Strong analytical skills, critical thinking, ability to identify problems and propose solutions
• Analytical and problem-solving skills
• Nice to have vulnerability management concepts and procedure
• Knowledge of Agile methodology would be strong asset
• Proficiency in written and spoken English

You can look forward to our benefit package:

• Hybrid Work and Flexible working hours
• Work from abroad - 12 days of remote work from EU countries per year
• Group Share Plan - discount on company shares
• Pension fund contribution - 3% of your gross salary (5% after 5 years with us)
• Health & Wellbeing - fully covered Multisport card, life & accident insurance, sick days and 100% salary contribution during sick leave (up to 56 days)
• 25 vacation days
• Mobility - fully covered public transport in Prague & free parking
• Flexible Benefit Account (Pluxee) - 1200 per month
• Personal Development - annual budget of €690 ... and way more!