Job Description

Lead Security Analyst - Network & Infrastructure
Division:

• Deutsche Brse AG, Chief Information Officer/Chief Operating Officer (CIO/COO), Chief Technology Officer (CTO), Plan & Control

Field of activity

• The Deutsche Brse CTO develops and runs the groupwide Information Technology (IT) infrastructure, develops and operates innovative IT products and offers services to the rest of the Group upon which they can build. The CTO area plays a significant role in the achieving the Groups strategic goals by leading transformation and supporting a stable operating environment.
• The Transformation Office unit supplies reliable project management capabilities and information security management to the CTO and enables the other delivery units within the area to rollout IS compliance requirements and Group IS strategy.
• The successful candidate will join the Information Security, Risk & Regulatory unit and support in carrying out these responsibilities.

Tasks / Responsibilities:
Technical Security Assessments:

• Perform in-depth technical reviews of network and infrastructure components (firewalls, routers, switches, servers, cloud services).
• Analyse configurations for compliance with security baselines (e.g., CIS Benchmarks, vendor hardening guides).
• Interpret scan results to identify misconfigurations and weaknesses.

Security Baseline Review & Enforcement:

• Review technical security baselines for operating systems, network devices, and cloud services.
• Work with central team to develop custom scripts (e.g., Python, PowerShell) or automation tools to validate compliance with baselines and detect deviations.

Infrastructure Security Architecture:

• Review and advise on secure design of network topologies, segmentation, and access control models.
• Evaluate cloud infrastructure (Azure, GCP) for secure deployment practices, Network access, IAM policies, encryption, and logging.

Qualifications / required skills:

• Bachelors or Masters degree in Information Security, Computer Science, or related field.
• 5-8 years of hands-on experience in infrastructure and network security.
• Technical proficiency in IT systems including operating systems, and network architectures.
• Strong technical knowledge of TCP/IP, DNS, VPNs, firewalls, IDS/IPS, Linux/Windows hardening, and cloud security controls.
• Experience with tools like Wireshark, Nmap, Nessus, Rapid7, Solarwinds, Terraform, Ansible, and cloud-native security services.
• Certifications such as CISSP, CCSP, OSCP, Google/Azure cloud Security Specialty.
• Excellent analytical and critical thinking skills, with strong problem solving spirit
• Collaborative, flexible and well organized
• Clear oral and written communication skills. Proficiency in written and spoken English.