Associate - Senior Information Risk Specialist [T500-21490]

About Deutsche Börse Group :

Headquartered in Frankfurt, Germany, Deutsche Börse Group is a leading international exchange organization and market infrastructure provider. They empower investors, financial institutions, and companies by facilitating access to global capital markets.

Their India centre is located in Hyderabad, serves as a key strategic hub and comprises India’s top-tier tech talent. They focus on crafting advanced IT solutions that elevate market infrastructure and services. Deutsche Börse Group in India is composed of a team of capital market engineers forming the backbone of financial markets worldwide.

Your area of work :

The Group Security department directly contributes to execution of the Deutsche Börse Group information security strategy. As a central service provider for the Group entities, Group Security is responsible to protect information assets, including suppliers, in terms of safety, integrity, confidentiality, authenticity, and availability by enforcing information security controls based on the relevant regulatory requirements and follows the international standard ISO / IEC 27000-series on the Information Security Management System.

Your responsibilities :

Consult departments and management on Cyber Risk Management matters related to Supplier Security.

Manage and lead the Information Risk Management service delivery.

Advise Business Owners on IT Security Risk Assessments, ensuring proper risk identification and remediation in accordance with the Information Security Framework.

Develop risk remediation measures based on the Information Risk Management methodology and ensure suppliers implement them within the specified timeframe.

Maintain trusted relationships with business stakeholders, including Risk Owners, Chief Information Security Officer, Compliance Officers, Technical Information Security Officers, and Internal / External Audit.

Support regular reporting on information security to the respective boards and committees.

Your profile :

Bachelor's and master’s degree in information technology, Cybersecurity, Business Informatics, or comparable education (e.g., CA, CS).

3-5 years of experience in third-party risk management, including information security and / or operational risk assessments.

Experience handling regulatory (RBI and / or SEBI) and customer audits, and conducting assessments.

Solid understanding of governance, risk, control design, risk assessment, assurance methodologies, and compliance practices.

Certifications such as ITIL, CISM, CRISC, CISA, PMP is Required.

Knowledge of legal and regulatory frameworks in the financial industry (e.g., EBA Guidelines, DORA, NIS2) and standards like ISO / IEC 2700x or NIST.

Strong analytical and critical thinking skills; ability to navigate ambiguity and collaborate across regions.

Autonomous and resilient, with excellent planning and organizational skills.

Exceptional communication and stakeholder management skills in English (German is a plus).

Willingness to work business hours based on Central European Time (CET)