ICT Risk Assurance Specialist (f/m/d)

Praha
Trvalý pracovní poměr
Plný úvazek

Před 1 měsícem

Area of work:Clearstream is a large international financial institution offering post-trade infrastructure and securities services for the international and domestic markets worldwide.The ICT risk management control function plays a pivotal role in safeguarding our organization against technological and information security risks. We partner closely with product, technology, security, and risk teams to ensure the resilience of our systems and services. We actively manage technology risks, steer ICT risk governance and framework design, perform focused risk assurance, and enable compliance for legal entities, branches, and representative offices in scope with direct reporting line to the corresponding executive boards.The ideal candidate will have a deep understanding of technology audit and security engineering background, also comfortable working cross functionally.Your responsibilities:The 2LOD Senior Associate will be working on assuring that material technology/information security technical risks are identified, analyzed, reported, and effectively remediated by relevant stakeholders.In addition, he/she will play an active role ensuring that (1) technical controls deemed necessary for the mitigation of those risks are designed and operating effectively, and (2) applicable information security compliance requirements are consistently implemented.More specifically:

Analyze information security risk-related technical problems and provides engineering and technical recommendations for solving those problems
Conduct technical security audits and support reporting on material risks
Complement existing risk and vulnerability assessments of planned and installed information systems to identify material vulnerabilities, risks, and protection needs
Actively and professionally engage with operations and IT to drive adequate security decisions

Your profile:

Master's degree in computer science, network security, or related technical field
Minimum 3 years of experience in security engineering or security audits
Strong ability to convey complex IT security issues and related technology risks in a manner that is easily understood and actionable
Ability to effectively analyze information security risks within the context of complex IT environment and to provide value-added/actionable recommendations
Ability to collaborate across multiple teams in a multicultural environment
Ability to develop a full and deep understanding of the business / IT operations and related security measures
Experience with information security regulatory compliance and information security risk management frameworks (nice to have)
Proficiency in written and spoken English, German is nice to have

Deutsche Börse Group

Odpovědět