Job
- Level
- Senior
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Frankfurt
- Working Model
- Onsite
Job Summary
In this role, you will act as a cryptography expert, develop security policies, conduct risk assessments, and support the implementation of encryption protocols across various projects.
Your role in the team
- As part of the Cyber Protection - Detect & Prevent unit, you will join a highly skilled, geographically distributed team of cybersecurity specialists based in Eschborn, Luxembourg, Prague, and Hyderabad.
- In this senior role, you will act as a cryptography subject-matter expert with a strong focus on governance, policy management, risk oversight and assurance.
- You will contribute to the definition, evolution, and oversight of Deutsche Börse Group's cryptographic and key-management protocols and algorithms to support the development, implementation, and evaluation of secure systems and applications, ensuring alignment with internal security frameworks and regulatory expectations.
- You will work closely with cybersecurity teams, application owners, Corporate IT, cloud and architecture teams to ensure robust security design, consistent policy adherence and resilience against evolving threats.
- Maintain, review and further develop group-wide written rules related to encryption, key management and cryptographic controls.
- Ensure policies, governance models and procedural requirements remain compliant with regulatory expectations and internal risk frameworks.
- Define clear organisational responsibilities for cryptographic measures and key-management processes across Legal Entities and Corporate IT.
- Lead periodic guideline reviews, ensuring updates reflect new risks, standards, regulatory changes and emerging cryptographic developments.
- Define and maintain control requirements for encryption and key-management processes, including governance expectations for PKI, certificates, and key lifecycle management.
- Oversee documentation requirements for PKI architecture, certificate authorities, and key/certificate registers.
- Validate that governance principles such as separation of duties, multiple-eyes controls, and access-management rules are correctly defined and applied.
- Coordinate assurance activities and support oversight of compliance with cryptographic governance requirements.
- Conduct and support cryptographic risk assessments, including evaluations of deviations, exceptions or compensating measures.
- Analyze the impact of cryptographic policy changes or new regulatory requirements on the organization's risk posture.
- Support audit readiness and act as a primary contact for internal/external auditors and regulators on cryptography governance topics.
- Oversee incident-response processes as they relate to cryptographic key compromise, certificate issues or governance breaches.
- Provide expert guidance on the secure design and governance of cryptographic protocols, architectures and high-level security mechanisms (TLS, IPsec, digital signatures, PKI, cloud encryption).
- Partner with Corporate IT, application teams and cloud/security architects to ensure compliant implementation of cryptographic policies and governance requirements.
- Support major projects, new product introductions and architectural changes with cryptography governance expertise.
- Engage in cross-functional working groups focused on cryptography, secure communications and data-protection topics.
This text has been machine translated. Show original
Our expectations of you
Education
- Bachelor's or Master's degree in Computer Science, Mathematics, Cybersecurity or a related field.
Qualifications
- Strong understanding of symmetric and asymmetric cryptography (e.g., AES, RSA, ECC), cryptographic protocols, and PKI principles.
- Vertrautheit mit Key-Management-Systemen, Hardware Security Modules (HSMs), Zertifikatslebenszyklus-Management und Cloud-Sicherheitskonzepten (grundlegendes Verständnis; Implementierung durch die Corporate IT durchgeführt).
- Solid foundation in security governance, security architecture principles or risk management.
- Ability to communicate complex cryptographic and governance concepts clearly to both technical and non-technical audiences.
- Strong attention to detail combined with an analytical mindset and excellent problem-solving skills.
- Proven ability to work collaboratively in cross-functional teams and engage effectively with diverse stakeholders.
- Proficiency in written and spoken English is required; German language skills are a strong plus.
- Highly motivated, adaptable and proactive in learning and staying current with emerging cryptographic and regulatory developments.
Experience
- Hands-on experience in applied cryptography, information security, risk management or security governance.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
Health, Fitness & Fun
More net
Food & Drink
Topics that you deal with on the job
Job Locations
This is your employer
Deutsche Börse AG
Deutsche Börse Group is one of the world's leading trading platforms. As a financial market organizer, the company offers a full range of services to cover the entire process: trading and clearing of securities and derivatives, netting and settlement of transactions, opening of accounts and provision of market information services.
Description
- Language
- English
- Company Type
- Established Company
- Working Model
- Hybrid, Onsite
- Industry
- Banking, Finance, Insurance
Data Security Specialist - Cryptography
- Location
- Frankfurt
- Working Model
- Onsite
- Diversity
- Open for all genders
