Information Security Senior Specialist

Job Description:

DB Global Technology is Deutsche Bank’s technology centre in Central and Eastern Europe. Since its set-up in 2013, Bucharest Technology Centre (BEX) has constantly proven its capacity to deliver global technology products and services, playing a dynamic role in the Bank’s technology transformation. 

We have a robust, hands-on engineering culture dedicated to continuous learning, knowledge-sharing, technical skill development and networking. We are an essential part of the Bank’s technology platform and develop applications for many important business areas. 

This role will work on Information Security governance, risk and control domains, with a focus on controls, frameworks, and processes to mitigate risks and handle threats. A big portion of the work involves stakeholder engagement wrt design and improvement of control landscape including control objectives and control processes. This role will be responsible for ensuring the right control landscape that are required for protecting the Bank’s information and assessment of the residual risk.

Responsibilities:

• Conduct / participate assessments of information security controls, frameworks and control processes considering industry best practices, standards and regulations
• Take part in control / framework design, development and implementation
• Conduct / participate in Information Security Management System implementation internal assessment
• Work with representatives of governance and control stakeholders to ensure controls are fit-for-purpose, agreed upon and ratified.
• Act as an advisor to stakeholders on execution of control lifecycles, and contribute to their continuous improvement
• Participate in evaluation and/or authoring of information security policies and procedures
• Assist in risk and control assessments to identify the design and operating effectiveness of controls and frameworks
• Competencies
• Good analytical skills and ability to work on both conceptual and practical complex tasks
• Very good communication skills, both written and verbal
• Self-motivated and flexibility to work autonomously in virtual teams.
• Ability to build up knowledge related to new technology / process / solutions in an effective and timely manner

Skills:

• Team management skills and experience desirable.
• Knowledge about management of information security risks.
• Experience of conducting risk assessments, gap analysis on control coverage and/or implementation for identifying and rating residual risks and reporting on it.
• Advanced knowledge of MS Office products.
• Familiarity or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, CRI Profile.
• Preferred certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified in Governance of Enterprise IT (CGEIT), ITIL, COBIT, Certified in Risk and Information Systems Control (CRISC)).

Well-being & Benefits

Emotionally and mentally balanced:

• Empowering managers who value your ideas and decisions. Show your positive attitude, determination, and open-mindedness.
• A professional, passionate, and fun workplace with flexible Work from Home options.
• A modern office with fun and relaxing areas to boost creativity.
• Continuous learning culture with coaching and support from team experts.

Physically thriving:

• Private healthcare and life insurance with premium benefits for you and discounts for your loved ones.

Socially connected:

• Kids@TheOffice - support for unexpected events requiring you to care for your kids during work hours.
• Enjoy retailer discounts, cultural and CSR activities, employee sport clubs, workshops, and more.

Financially secure:

• Competitive income, performance-based promotions, and a sense of purpose.
• 24 days holiday, loyalty days, and bank holidays (including weekdays for weekend bank holidays).

We strive for a Culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank.

We welcome applications from all people and promote a positive, fair and inclusive work environment.

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.