Head of Information Security LE Governance fmd

The Group Security department directly contributes to of the Deutsche Brse Group information security strategy. As a central service provider for the Group entities Group Security is responsible to protect information assets in terms of safety integrity confidentiality authenticity and availability by enforcing information security controls based on the relevant regulatory requirements and follows the international standard ISO/IEC 27000series on the Information Security Management System.

Field of activity
Reporting to the Head of Section of Information Security Governance and Risk you will lead unit responsible for Legal Entity (LE) governance reporting and contract arrangement.
The focus of this role is to establish a riskbased view of the security posture on Group level and for selected Legal Entities which includes Deutsche Brse AG. The is will view will be the foundation of the Group Security reporting. Additionally the unit will be responsible to the contracts with subsidiaries and associated KPIs. The combination of service levels on one side and reporting of the security posture will be the main driver to drive the security posture cross the Deutsche Brse Group.

As a line manager people management must be an integral part of your agenda. You are expected to actively work on your teams and team members personal development by proposing development measures and creating visibility for talent. As part of the Group Security Leadership team you will be tasked to make an effective contribution towards increasing the teams diversity.

Tasks/responsibilities

• You lead a team of subject matter experts on Information Security
• You manage the creation of a standardized view on the security posture of Deutsche Brse Group Deutsche Brse AG and subsidiaries. This view will become the main tool to steer and influence the security posture jointly with the senior management of Groups Security and the CIO/COO function.
• You manage to create a standard reporting pulling relevant data points on the gaps and security information with the use of data analytics and a common reporting engine
• You manage the Services between DBAG and subsidiaries
• You maintain a good working relationship to the Group within Group Security to synchronize the view on the security posture
• You establish the main interface to the business to make the status of the Information Security posture transparent and run regular session pulling required expertise into these sessions as per your regression.
• You are responsible for staffing performance assessment career path planning training and coaching/mentoring for all team members

Qualifications/required skills

• University degree in Computer Science Information Systems or a related field
• 5 years of work in Information Security with management/project experience
• Excellent people management skills experience of managing international teams
• Indepth knowledge of relevant legal and regulatory frameworks in the financial industry (e.g. MaRisk BAIT German BSI ITGrundschutz CSSF circulars) and industry standards (e.g. ISO/IEC 2700x NIST COBIT)
• Ability to translate regulatory requirements into operational plans and actions
• Solid knowledge and understanding of Cyber Security technologies processes and methodologies (e.g. SIEM SOAR IDS/IPS threat analysis incident response forensics analysis Chain MITRE ATT&CK)
• Strong technical background and practical knowledge in relevant IT Security solutions
• Excellent analytical skills creativity critical thinking ability to identify problems and propose solutions
• Excellent presentation and interpersonal skills
• Ability to work under high pressure
• Proficiency in written and spoken English and German