Job Description:Job Title- Information Security Specialist, AS
Location- Pune, India
Role Description
Chief Security Office is responsible for the creation, maintenance and implementation of the information security strategy of Deutsche Bank Group. CSO steers the measures derived from the information security strategy and provides guidance to employees regarding the identification, development, implementation and execution of all processes which serve to reduce information security risk, to respond to incidents, and to establish appropriate policies and standards for information security management.
CSO division, Business Information Security and Governance, defines Information Security control objectives and conducts inclusive, reliable, threat-oriented, and risk-driven Information Security control / capability testing & governance to satisfy regulatory and organizational requirements. Team is located in the Bank’s major business hubs in Germany, the United States of America and India.
What we’ll offer you
As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for Industry relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive Hospitalization Insurance for you and your dependents
- Accident and Term life Insurance
- Complementary Health screening for 35 yrs. and above
Your key responsibilities
- Design Test cases to evaluate the IS capability / control design effectiveness and operational effectiveness
- Executes day-to-day operational IS control testing work and contributes to the delivery of the testing and monitorin function and manages scope of deliverables.
- Undertakes testing assignments, drafts test findings for review, facilitates issue tracking and validates them to closure.
- Drafts high quality test reports for review by senior management, facilitates finding tracking and validates actions taken to remediate previous test findings.
- Executes IS Control effectiveness test fieldwork in line with the agreed test approach e.g. documenting Process Flows, identification of key risks, testing of key controls to determine whether they are properly designed and are operating effectively and documenting work in accordance with standards.
- Acts as a competent partner to clients in the closure process of findings.
- Communicates openly with management and the internal stakeholders; keeps them informed of potential findings and escalate problems/delays accordingly.
- Proactively develop and maintain professional consultative working relationships with the CSO function, clients and respective support areas and will use a range of approaches to collect relevant information to assess key risks.
- Define key operational procedures where necessary and ensure adherence
- Focus on utilizing the capacity in an efficient and effective manner. Monthly tracker to be maintained
- Represent the process and provide inputs for the Monthly and Quarterly dashboards with performance and with any challenges faced or suggestions to improve the quality
- Partners with other divisional/teams during IS Control effectiveness tests engagement to use a collaborative approach.
Your skills and experience
Mandatory
- 3-5 years of work experience in the Information Technology area (common operating systems, databases, threat operations, vulnerability management, cloud security, as well as cryptographic topics) or in IT Audit, preferably in the financial industry
- lear understanding of the relationship between IT risk and how this applies to business processes
- Project management experience with strong analytical and problem-solving skills
- Effective communication and strong interpersonal skills
- Experience in global and diverse teams across different time zones and within a matrix environment
- University degree in Computer Science / (Commercial) Information Technology or equivalent qualification
- Ability to monitor, track and clearly communicate progress, escalate issues when appropriate
- Positive attitude and proactive behavior
- appearance and strong verbal and written communication skills and the ability to communicate on all hierarchy levels. Fluent in English.
- Self-driven, eager to learn and well-organized team player
Optional
- Professional / industry recognized certifications (e.g. CISA, CCSP, CISSP, OSCP) are highly beneficial to cover a broad range of Information Security areas where relationship with the business or IT is required
- Strong knowledge of IS threat analysis and frameworks (e.g MITRE ATT&CK Framework)
- Strong understanding of cyber security standards (e.g. NIST, OWASP, ISO27001) and knowledge of the regulatory environment in the financial sector (e.g. KAIT, BAIT, ESMA cloud guidelines)
- German language is beneficial
How we’ll support you
- Training and development to help you excel in your career
- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs
About us and our teams
Please visit our company website for further information:
https://www.db.com/company/company.htm
We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.
Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.
We welcome applications from all people and promote a positive, fair and inclusive work environment.
