Job
- Level
- Senior
- Job Feld
- IT, Security
- Anstellung
- Vollzeit
- Vertragsart
- Unbefristetes Dienstverhältnis
- Ort
- Frankfurt am Main
- Arbeitsmodell
- Onsite
Job Zusammenfassung
In dieser Rolle agierst du als Experte für Kryptographie, entwickelst Sicherheitsrichtlinien, führst Risikoanalysen durch und unterstützt die Implementierung von Verschlüsselungsprotokollen in verschiedenen Projekten.
Deine Rolle im Team
- As part of the Cyber Protection - Detect & Prevent unit, you will join a highly skilled, geographically distributed team of cybersecurity specialists based in Eschborn, Luxembourg, Prague and Hyderabad.
- In this senior role, you will act as a cryptography subject-matter expert with a strong focus on governance, policy management, risk oversight and assurance.
- You will contribute to the definition, evolution and oversight of Deutsche Börse Group's cryptographic and key-management protocols and algorithms to support the development, implementation, and evaluation of secure systems and applications, ensuring alignment with internal security frameworks and regulatory expectations.
- You will work closely with cybersecurity teams, application owners, Corporate IT, cloud and architecture teams to ensure robust security design, consistent policy adherence and resilience against evolving threats.
- Maintain, review and further develop group-wide written rules related to encryption, key management and cryptographic controls.
- Ensure policies, governance models and procedural requirements remain compliant with regulatory expectations and internal risk frameworks.
- Define clear organisational responsibilities for cryptographic measures and key-management processes across Legal Entities and Corporate IT.
- Lead periodic guideline reviews, ensuring updates reflect new risks, standards, regulatory changes and emerging cryptographic developments.
- Define and maintain control requirements for encryption and key-management processes, including governance expectations for PKI, certificates and key lifecycle management.
- Oversee documentation requirements for PKI architecture, certificate authorities and key/certificate registers.
- Validate that governance principles such as separation of duties, multiple-eyes controls, and access-management rules are correctly defined and applied.
- Coordinate assurance activities and support oversight of compliance with cryptographic governance requirements.
- Conduct and support cryptographic risk assessments, including evaluations of deviations, exceptions or compensating measures.
- Analyse the impact of cryptographic policy changes or new regulatory requirements on the organisation's risk posture.
- Support audit readiness and act as a primary contact for internal/external auditors and regulators on cryptography governance topics.
- Oversee incident-response processes as they relate to cryptographic key compromise, certificate issues or governance breaches.
- Provide expert guidance on the secure design and governance of cryptographic protocols, architectures and high-level security mechanisms (TLS, IPsec, digital signatures, PKI, cloud encryption).
- Partner with Corporate IT, application teams and cloud/security architects to ensure compliant implementation of cryptographic policies and governance requirements.
- Support major projects, new product introductions and architectural changes with cryptography governance expertise.
- Engage in cross-functional working groups focused on cryptography, secure communications and data-protection topics.
Unsere Erwartungen an dich
Ausbildung
- Bachelor's or Master's degree in Computer Science, Mathematics, Cybersecurity or a related field.
Qualifikationen
- Strong understanding of symmetric and asymmetric cryptography (e.g., AES, RSA, ECC)., cryptographic protocols and PKI principles.
- Familiarity with key-management systems, hardware security modules (HSMs), certificate lifecycle management and cloud security concepts (high-level understanding; implementation performed by Corporate IT).
- Solid foundation in security governance, security architecture principles or risk management.
- Ability to communicate complex cryptographic and governance concepts clearly to both technical and non-technical audiences.
- Strong attention to detail combined with an analytical mindset and excellent problem-solving skills.
- Proven ability to work collaboratively in cross-functional teams and engage effectively with diverse stakeholders.
- Proficiency in written and spoken English is required; German language skills are a strong plus.
- Highly motivated, adaptable and proactive in learning and staying current with emerging cryptographic and regulatory developments.
Erfahrung
- Hands-on experience in applied cryptography, information security, risk management or security governance.
Benefits
Work-Life-Integration
Gesundheit, Fitness & Fun
Mehr Netto
Essen & Trinken
Themen mit denen du dich im Job beschäftigst
Job Standorte
Das ist dein Arbeitgeber
Deutsche Börse AG
Deutsche Börse Group ist eine der größten Börsenorganisationen weltweit. Als Finanzmarktplatzbetreiber bietet das Unternehmen ein Portfolio an Dienstleistungen entlang der gesamten Wertschöpfungskette: Handel und Clearing von Wertpapieren und Derivaten, Netting und Abwicklung von Transaktionen, Depoteröffnung und Bereitstellung von Marktdaten.
Description
- Sprachen
- Englisch
- Unternehmenstyp
- Etablierte Firma
- Arbeitsmodell
- Hybrid, Onsite
- Branche
- Banken, Finanz, Versicherung
Data Security Specialist - Cryptography
- Ort
- Frankfurt am Main
- Arbeitsmodell
- Onsite
- Diversität
- Für alle Personen geeignet (m/w/d)
