
ICT Risk Assurance Specialist (f/m/d)
- Praha
- Permanent employment
- Full-time
- Prepare and execute assessments / testing to ensure that the control requirements are effectively implemented by the first line
- Identify areas of weakness and potential for improvement, devising practical solutions to enhance controls and processes
- Prepare detailed assessment reports and communicate findings to relevant stakeholders
- Provide expert guidance and support to enhance the organization's security posture
- Follow up on results and recommended improvements related to assessments to ensure timely resolution and implementation
- Contribute to the continuous improvement of ICT Risk Assurance methodologies, frameworks, and processes to ensure their ongoing effectiveness
- Support the development and organization of the scope for ICT risk assurance activities
- Validate regulatory findings and corrective actions to ensure compliance with relevant regulations and standards
- Successfully completed university degree (bachelor, master, or comparable) in a relevant field
- Minimum 2 years of experience in IT/Information Security, ideally in external/internal audit, second line assurance, or implementation roles
- Experience in the financial sector, preferably within EU-regulated environments; familiarity with BAIT, MaRisk, CSSF, and DORA is a plus
- Proven knowledge of common IT standards such as CSA-CCM, COBIT, BSI Grundschutz, ITIL, and the ISO/IEC 27000 series; professional certifications (e.g. CISA, CISM, CISSP, CEH, or CIA) are preferred
- Strong understanding of the Three Lines of Defense model, risk management frameworks, methodologies, and best practices
- High analytical skills, quick conceptual understanding of complex matters and thinking outside the box
- Strong interpersonal and communication skills, with the ability to engage senior stakeholders effectively
- Very good knowledge of the English language, both written and spoken; German is an advantage