You will be the Information Security Officer for the CMC Markets GmbH organisation, part of CMC Markets Group. CMC Markets GmbH has the primary local responsibility for CMC Markets across Europe, and the relationship with BAFIN as the regulatory oversight.

In this role you will be the European contact point for all Information Security issues, ensuring that all security requirements or concerns relating to European regulatory, compliance or similar are adequately addressed. You will support the Director of Risk in all aspects relating to Information Security.

In addition, you must work closely with the Group Security function, supporting the Group Head of Security so that there is full alignment between the GmbH & Europe and the wider group. You will contribute to the Group wide security function as necessary, supporting the development of policy, documentation and risk management. You will provide security governance as necessary for the European offices, and support the wider group where required.

Responsibilities

• Creation, updating and maintenance of security documentation such as IT security concepts, policy, procedures, standards and guidelines.
• Stay up to date with relevant security requirements from European regulations, laws and standards bodies.
• Implementation of risk and protection needs analyses.
• Support BCM, Operational Resilience and Disaster Recovery for the European offices.
• Security governance for Europe – oversee risk assessments, access reviews and business impact assessments.
• Support the third party supplier management framework with regard to critical/important suppliers, risk classification and security due diligence.
• Organization, support and implementation of internal and external IT security audits
• Support ongoing development and maintenance of Group Wide ISMS
• Member of the group security working group
• Central contact point for questions about Information security for GmbH
• Work closely with Global Security team - all GmbH policy and standards MUST align to Group
• Continuous monitoring of the organization's security requirements in accordance with ISO 27001
• Support business in all related audits.

Your profile

• University degree or comparable qualification with a focus on Business, Technology, Information Security or similar.
• In-depth understanding of Information Security
• Experience writing documentation including policy, procedures, standards, guidelines.
• Experience documenting protection needs analysis
• Knowledge of security requirements and controls relating to regulatory, compliance and standards necessary for Financial institutions in Europe (e.g. BAFIN oversight)
• Strong analytical understanding for assessing complex issues as well as acting independently, strong communication skills and a conceptual way of working.
• You must be flexible and pragmatic in your approach.
• Team Working – must be willing to collaborate well with local and group representatives.
• Requires excellent German and English verbal and written communication skills.
• Awareness of security requirements and controls arising from related standards such as; ISO 27001, PCI DSS, GDPR, DORA, NIS2

CMC Markets is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.