Information Security Architect (f/m/d)

The Group Security department directly contributes to the execution of the Deutsche Börse Group information security strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets in terms of safety, integrity, confidentiality, authenticity and availability by enforcing information security controls based on the relevant regulatory requirements and the international standards like ISO 27000-series.

Your area of work:
The Information Security Architect role plays a critical role in the overall organization. You maintain strong relationships with internal and external stakeholders around information security and have a holistic view on the security tools and capabilities that we offer or are working on improving or creating. You will work with stakeholders across the organisation to improve security and drive change in the organisation by developing concepts, strategies and presenting and communicating these to stakeholders for positive change. Moreover, you will consult key stakeholders or in key projects and initiatives with your good experience in information security.

Your Responsibilities:

• Collaborate with stakeholders to identify and document security capability gaps and opportunities, and develop strategies or security concepts to address these.
• Maintain and update an overview of security capabilities and tools, providing management and stakeholders with a comprehensive view of where we are and plan to go.
• Develop and align security concepts and strategies with stakeholders, ensuring effective implementation.
• Develop and maintain architecture principles around security and review and update IT principles with stakeholders.
• Create and maintain a comprehensive Security Strategy that meets enterprise needs, working closely with Enterprise Architecture, IT Strategy, and Group Security stakeholders.
• Provide expert advice on security architecture to stakeholders, including IT, and offer consultation on key security topics and initiatives.
• Work with Enterprise Architecture and IT architects to enhance security by identifying opportunities for consolidation, automation, and innovation.
• Consult, advise and coordinate with stakeholders on security standards & written rules and how they can be met using existing capabilities.
• Represent the organization both internally and externally in matters related to information security.

Your Profile:

• Bachelor/Master degree in Information Security or Technology or equivalent.
• Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), TOGAF (The Open Group Architecture Framework), and/or technical certification and training.
• Proven experience in information security for several years with deep knowledge in specific security domains.
• Ideally good experience in public cloud security concepts, threats, and security risks and opportunities.
• Familiarity with security frameworks and standards used globally.
• Ability to translate regulatory requirements into operational plans and actions.
• Minimum of 5 years’ experience in Information Security with a focus on above.
• Experience in structuring options and presenting these to senior management in presentations.
• Proactive thinking and self-paced work on solutions.
• Strong analytical skills, creativity, critical thinking, ability to identify problems and propose solutions.
• Excellent presentation and interpersonal skills. Ability to be self-driven and paced as well as being a team player.