at Handelsbanken Capital Markets
Investment BankingPosted 4 days ago
No clicks
**Security Problem Manager/Engineer Operations (m/f/diverse)** - Analyze & process security incidents, identify patterns and systemic risks - Lead root cause analyses, implement sustainable risk reduction measures - Collaborate with Security Incident Management & CyberHygiene teams - Minimum of 3 years' experience in cybersecurity, preferably in banking - Proven expertise in ITIL Problem Management, risk management & regulatory requirements - Strong analytical, system thinking, and stakeholder management skills
- Compensation
- Not specified
- City
- Not specified
- Country
- Germany
Currency: Not specified
Full Job Description
As a Security Problem Manager, you will be responsible for the systematic analysis and processing of security incidents with the aim of eliminating recurring disruptions in the long term. You will identify patterns, weaknesses and systemic risks, initiate root cause analyses and steer the implementation of sustainable measures in close cooperation with relevant units. In doing so, you will be guided by established ITIL methods as well as regulatory requirements of the banking environment (e.g. BAIT, MaRisk). The focus is on sustainable risk reduction through the structural processing of problems, not on the rapid restoration of operational capability (MTTR). The aim is to eliminate causes and prevent recurring incidents.
The sustainable pursuit of audit-relevant topics is also part of the field of responsibility.
You will work primarily with the Security Incident Management Team, the CyberHygiene Team and the 2nd LoD functions (risk management).
Your tasks
Problem Identification & Analysis
- Development and control of a structured security problem management process
- Systematic evaluation of security incidents (e.g. SOC data, SIEM, threat intelligence)
- Identification of recurring patterns and causes as well as performance of trend and clustering analyses
Root-Cause-Management
- Leading root cause analyses (e.g. using 5-Why, Ishikawa,...)
- Identification of technical, organizational and procedural causes as well as their risk assessment
- Documentation of problem causes in a central register
Driving remediation and preventing measures
- Definition and implementation of sustainable measures for risk reduction (no pure workarounds)
- Control and follow-up of measures, including success monitoring (post-implementation review)
- Development of KPIs/KRIs to reduce recurring problems
Governance & Reporting
- Preparation of regular reports for CISO, IT steering committees and risk management
- Preparation of decision templates and reporting on trend analyses and risk areas
- Support in internal and external audits (audit, supervisory authorities)
Your profile
- Bachelor's degree or higher in information security, computer science, computer engineering, or a related field
- Several years of professional experience in the cyber security environment, ideally in a regulated industry such as banking or financial services
- Sound knowledge of:
- Incident response and SOC processes
- ITIL Problem Management and Root Cause Methods
- risk management as well as regulatory requirements (e.g. BAIT, MaRisk, DORA)
- Experience working with SIEM/case management systems and analytically evaluating incident data
- Familiarity with typical attack vectors (e.g., MITRE, ATT&CK)
- Strong analytical and systemic thinking skills
- Ability to communicate technical and complex issues in a clear and structured manner
- High level of ownership, assertiveness and sustainability orientation
- Strong communication and moderation skills, especially in stakeholder management
- Ideally, the following certifications: CISSP, GCIH, ITIL v4/v5, CISM
Our Benefits
- 30 days of vacation
- Flexible work
- Employee conditions
- Professional training & development
30 days of vacation; Flexible work; Employee conditions; Professional training & development; Capital-forming benefits; Friendly work environment; Diverse tasks; Work-life balance
The company
Commerzbank is the leading bank for the Mittelstand and with a comprehensive portfolio of financial services a strong partner for corporate client groups and private and small-business customers in Germany. We are a bank that is characterized by a fair and cooperative relationship with one another and with our customers.
We appreciate working in inspiring teams of people who bring a diverse background. We offer a creative environment and excellent career development opportunities. Work Life Balance is very important to us. And of course, we know that a good job also includes an attractive salary.
Contact
Would you like to become a member of a strong and dedicated team? If so, please submit your application online. If you have any further enquiries about this role, please contact Linh Jasmin Vo +49 69 935349407 or email her at linhjasmin.vo@commerzbank.com.
