LBBW

Expert in Information Security and Risk Management


full-time


Location Type: Office

Location: Stuttgart, Germany


About the role

  • Development and implementation of security standards in the second line of defense in accordance with existing regulations, laws and policies.
  • Alignment with common norms and standards such as ISO 2700x and the NIST Cyber Security Framework.
  • Identifying security gaps through audits and Threat-Led Penetration Testing.
  • Conducting risk assessments in which threats are systematically identified and evaluated using structured and methodical procedures.
  • Dynamic threats such as cyber-attacks and geopolitical security situations are particularly relevant.
  • Complex risk analyses are carried out independently, and if necessary under technical leadership of a team.
  • Evaluating identified risks together with asset owners as part of a Business Impact Analysis, assessing both the likelihood of occurrence and the type and magnitude of potential damage.
  • Supporting management with risk assessments to prioritize risks to be mitigated and the optimization measures to be implemented.
  • This includes defining technical, infrastructural, organizational and personnel measures to reduce the likelihood of prioritized risks in coordination with risk owners and management.
  • Handling security incidents as part of a 24/7 incident response team.
  • Close collaboration with data protection (privacy), IT security, outsourcing and ICT risk management.

Requirements

  • At least 5 years of practical experience in the financial industry.
  • Professional expertise in information technology, information security and risk management.
  • Familiarity with relevant legal and regulatory requirements as well as common standards.
  • Strong analytical and conceptual skills and a high level of problem-solving ability.
  • Affinity for new developments and technologies (digital media and an agile mindset).
  • High willingness to learn and adapt, innovation capability and teamwork skills.
  • Determination and resilience under pressure.
  • Good German and English skills, both written and spoken.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
security standards, risk assessments, Threat-Led Penetration Testing, Business Impact Analysis, cyber security, ISO 2700x, NIST Cyber Security Framework, risk management, analytical skills, problem-solving
Soft Skills
teamwork, adaptability, innovation capability, determination, resilience, analytical skills, conceptual skills, communication skills