Information Security Specialist

Job Description:

DB Global Technology is Deutsche Bank’s technology centre in Central and Eastern Europe. Since its set-up in 2013, Bucharest Technology Centre (BEX) has constantly proven its capacity to deliver global technology products and services, playing a dynamic role in the Bank’s technology transformation.

We have a robust, hands-on engineering culture dedicated to continuous learning, knowledge-sharing, technical skill development and networking. We are an essential part of the Bank’s technology platform and develop applications for many important business areas.

The TDI CSO Embedded Risk Team (ERT) is a global team whose footprint extends to the US, UK, India, and Europe. There are currently 15 members spread across these locations. The ERT is split into four main groups – 1) internal and statutory Audit Coordination, 2) Finding Management Governance, 3) Information Security Risk Management and 4) Control Testing Engagement. All of them perform the same function with the only difference being that statutory. Audit Coordination is an external facing function (External Auditors) while all others face off to Internal Audit, other TDI ERT teams, Divisional CISOs and Divisional ISOs, ITAOs across the bank, 2nd Line Risk Type Controller, Group COO Central Approval Function and others. The team’s main objective is to support, manage and monitor all aspects of Risk and Control impacting the TDI CSO division and the main responsibility is to ensure TDI CSO is fully compliant with the Finding Management procedure and all relevant 2nd line minimum control standards in relation to Information Security Risk and Physical Security Risk.

Responsibilities:

• Work closely with colleagues from all 3LODs around the world to identify, analyze and address existing information security risks.
• Use existing process to link all Information Security Risk Findings to Controls to identify deficiency or gap themes and that those are addressed from a one bank control perspective.
• Be first contact to follow up on ISR Control linkage exceptions.
• Prepare, create, and present regular CSO internal reports and status updates to Senior Management, and key working groups.
• Prevent IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property.
• Ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders.
• Drive Information Security risk towards within tolerance in line with the Security Strategy.

Skills:

• Educated Bachelor's degree level or equivalent qualification / work experience in auditing and enterprise risk management especially Information Security Risk Management (Risk Management for 3-5 years and or available Information Security certificates CISM/CISA).
• Understanding of ISO 27001 Framework and Controls.
• Project Management / Risk experience paired with excellent analytical skill to ensure strong governance across various locations and products considering implemented risk management models.
• Ability to monitor, track and clearly communicate progress, and escalating issues when appropriate.
• Very good communication skills with the ability to work independently as well as with other team members and functions in global teams across different time zones.
• Pay attention to details spotting unusual activities and being able to collaborate with ITAOs, Management and other ERTs.

Well-being & Benefits

Emotionally and mentally balanced:

• Empowering managers who value your ideas and decisions. Show your positive attitude, determination, and open-mindedness.
• A professional, passionate, and fun workplace with flexible Work from Home options.
• A modern office with fun and relaxing areas to boost creativity.
• Continuous learning culture with coaching and support from team experts.

Physically thriving:

• Private healthcare and life insurance with premium benefits for you and discounts for your loved ones.

Socially connected:

• Kids@TheOffice - support for unexpected events requiring you to care for your kids during work hours.
• Enjoy retailer discounts, cultural and CSR activities, employee sport clubs, workshops, and more.

Financially secure:

• Competitive income, performance-based promotions, and a sense of purpose.
• 24 days holiday, loyalty days, and bank holidays (including weekdays for weekend bank holidays).

We strive for a Culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank.

We welcome applications from all people and promote a positive, fair and inclusive work environment.

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.