Senior Analyst | Security Analyst

• Deutsche Börse AG, Chief Information Officer/Chief Operating Officer (CIO/COO), Chief Technology Officer (CTO), Plan & Control
• Field of activity
• The Deutsche Börse CTO develops and runs the groupwide Information Technology (IT) infrastructure, develops and operates innovative IT products and offers services to the rest of the Group upon which they can build. The CTO area plays a significant role in the achieving the Groups strategic goals by leading transformation and supporting a stable operating environment.
• The Transformation Office unit supplies reliable project management capabilities and information security management to the CTO and enables the other delivery units within the area to rollout IS compliance requirements and Group IS strategy.
• The successful candidate will join the Information Security, Risk & Regulatory unit and support in carrying out these responsibilities.

• Analyse scan results, identify false positives and assign vulnerabilities to the target teams
• Collaborate with IT and development teams to ensure timely patching and mitigation of vulnerabilities
• Contribute to evolve current vulnerability remediation reports
• Maintain documentation of vulnerability management processes and remediation activities

• Support central teams and CTO teams in organizing pentests according to the Group guideline
• Review pentest vulnerability tickets based on provided evidence, and provide an assessment about their coverage to operational teams.

• Work with central team to understand and clarify the requirements
• Communicate the requirements to CTO teams in a structured manner
• Follow up on the progress of the onboarding and communicate the progress status as well as blockers to the management

• Support maintaining knowledge database in Confluence
• Stay current with emerging threats, CVEs, and exploit techniques.

• University degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
• 2-5 years of professional experience in vulnerability management or information security
• Familiarity with vulnerability scanning tools like Qualys, Rapid7 ,CrowdStrike , Cnapp & fortify and processes
• Strong understanding of operating systems, networking and application security
• Knowledge of CVSS scoring and risk prioritization
• Certifications such as CompTIA Security+, CEH, or GIAC are a plus
• Analytical mindset, and attention to detail is mandatory.
• Effective communication skills
• Problem-solving and critical thinking abilities.

Deutsche Börse Group