Threat Intelligence Specialist; f​/m​/d

The Group Security department directly contributes to execution of the Deutsche Börse Group information security strategy. As a central service provider for the Group entities, Group Security is responsible for protecting information assets in terms of safety, integrity, confidentiality, authenticity, and availability by enforcing information security controls based on the relevant regulatory requirements and follows the international standard ISO/IEC 27000-series on the Information Security Management System.

The Threat Intelligence Specialist plays a pivotal role in safeguarding Deutsche Börse Group’s global operations against cyber threats. By collecting, analyzing, and delivering actionable intelligence, this role strengthens the organization’s proactive defense posture. The expert works closely with Security Operations, Incident Response, Data Protection, and Risk Management teams to counter evolving threat actors targeting the financial sector.

• Perform cyber threat intelligence operations, delivering strategic insights and actionable reports to guide business decisions and reduce risk.
• Collect and analyze intelligence from OSINT, commercial feeds, dark web sources, and industry sharing groups to detect emerging threats.
• Collaborate with SOC, CERT, and executive stakeholders to support investigations, incident response, and security awareness initiatives.
• Perform threat hunting activities based on Io Cs
• Monitor geopolitical developments and regulatory changes (e.g., GDPR, DORA) to assess potential business impact.
• Drive innovation in threat detection through cloud adoption, automation, and continuous learning within the Threat Intelligence team.

• University degree in Information Systems, Political Science, or a related discipline.
• Minimum 5 years of experience in Threat Intelligence, Cybersecurity, or a related field.
• Strong understanding of legal and regulatory requirements in the financial industry.
• Proven ability to translate regulatory mandates into actionable operational plans.
• Deep expertise in cybersecurity technologies and methodologies (e.g., SIEM, IDS/IPS, threat analysis, incident response, forensics, MITRE ATT&CK).
• Hands‑on experience with dark web intelligence gathering and its application in dynamic investigations.
• Proficiency with threat intelligence platforms and analytical tools.
• Exceptional analytical thinking, creativity, and problem‑solving skills.
• Fluent in written and spoken German and English.