Field of activity
The Settlement department is responsible of real-time banking applications in the post-trade processing area of Clearstream/Deutsche Boerse Group. The application landscape consists of several critical C++ and Java applications which are interacting with large databases and several non-Settlement owned applications. Information Security aspects are key concerns in all applications due to the daily challenges and requirements of the financial sector.
- Work with business and IT projects to develop and enhance information security concepts and coordinate the tracking of deliverables with other areas of information security and product organization
- Ensure that all security risks in committed projects are identified, evaluated and that recommended security controls are implemented
- Describe software requirements originating from IT Security requirements
- Assist application owners assessing security risks and planning/executing security measures related to the applications in scope
- Complete all scheduled security administration tasks and report/follow-up exceptions to the application owners of the department.
- Ensure consistency and completion of planned security measures within the department through coordination with the Deutsche Boerse Group information security department and with other security analysts across three locations : Luxembourg, Prague and Eschborn
- Maintain a high level of procedural documentation in line with international standards of Quality Management
- Achieve compliance with internal and external standards applicable to the design and documentation of solutions or mitigated actions
- Identify area of improvements and propose enhancements to existing processes
- Stay abreast of new information security technologies and integrate into information security architecture design
- Strengthening of 1st line of defence function of Settlement IT
- Holder of a University degree in IT or other relevant discipline
- Minimum 1-3 years of relevant work experience in IT projects, processes, audits in the information security field
- Excellent analytical skills and experience to understand, structure and explain complex topics
- Understanding and/or experience in network security, SIEM, code scanning, and IDPS concepts.
- Understanding and/or experience in application/computer/network penetration testing and techniques
- Team orientation and strong communication skills
- Very good IT skills
- Knowledge of general legal and regulatory conditions and requirements in the financial industry in Luxembourg or/and Germany. For example ISO 2700X, Legislative framework and key obligations for Professionals of the Financial Sector (PSF) in Luxembourg, German BSI IT Grundschutz, COBIT, Marisk
- Proficiency in written and spoken English. French and/or German would be an asset.