Head of ICT Risk Operations & Awareness (f/m/d)

Your area of work
The Chief Information Security Office / ICT Risk Office department manages the Cybersecurity and ICT Risk second line of defense for Deutsche Börse Group. It is responsible for strategy, control framework, posture, assurance, data and reporting, awareness, operations, and thought leadership across the group, harmonizing ICT, risk, and business for processes, people, and technology. Further we act as an advisor for cybersecurity and ICT risk related topics, as well as drive thought leadership in collaboration with other units within Deutsche Boerse Group.
As the Head of ICT Risk Operations & Awareness you will significantly contribute to Deutsche Börse Group’s CISO/ICT Risk team and to its strategic ambitions, representation, security architecture, issue management, and fostering innovation in fields such as AI, PQC, cloud or SDLC. As Head of Unit you will lead a newly formed team of experts and report to the CISO / Chief ICT Risk Officer.
Your responsibilities

• Lead, manage, and develop a team of experts in an agile environment
• Develop and operate ICT risk analysis for internal applications, manage and oversee observations, and ensure stakeholder involvement
• Establish, implement, and maintain ICT risk awareness culture and training, as well as building a strong brand and culture on agile ICT risk
• Coordinate and manage partnerships and projects, ensureing alignment with strategic objectives
• Drive innovation and thought leadership with a strong focus on post-quantum cryptography (PQC) as well as artificial intelligence (AI, Agents, MLOps), cloud (Google Cloud, Microsoft Azure), software development (SDLC, DevSecOps), and external publications

Your profile

• You hold a university degree in mathematics, cryptography, computer science, business administration, or a related fields
• You bring 10+ years of experience in IT, information security, or ICT risk management within a regulated industry
• You have in-depth knowledge of European regulatory frameworks, including the Digital Operational Resilience Act (DORA)
• You have proven experience in quantum security, AI, cloud security, and security controls
• You hold recognized certifications in information security and are passionate about emerging technologies like AI, MLOps, and DevSecOps
• Proficiency in written and spoken English; French/German language skills will be an asset