Information Security Risk - Vice President

Job Description:

Job Title Information Security Risk

Corporate Title Vice President

Location New York, NY

Overview

An Information Security expert within 2nd line of defense (2nd LoD), Information Security Risk team should have a proven depth of knowledge on cyber and information security risk. The role is within a team of specialists and will foster subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The Information Security expert will have strong understanding of industry standard Information Security Risk Frameworks such as ISO270001 or NIST 2.0 with deep knowledge of the key areas: vulnerability management, identity and access management, data encryption, end point detection, Third Party IS risk monitoring, cyber recovery and resilience. The expert needs to effectively communicate and challenge and be comfortable in presenting on Information Security Risk 2nd LoD opinions and challenges. The team has a global footprint in Germany, Singapore and USA.

What We Offer You

• A diverse and inclusive environment that embraces change, innovation, and collaboration

• A hybrid working model, allowing for in-office / work from home flexibility, generous vacation, personal and volunteer days

• Employee Resource Groups support an inclusive workplace for everyone and promote community engagement

• Competitive compensation packages including health and wellbeing benefits, retirement savings plans, parental leave, and family building benefits

• Educational resources, matching gift and volunteer programs

What You’ll Do

• Define, agree and maintain Information Security Risk Appetite tolerance and thresholds

• Continuously improve Information Security Risk framework and governance processes to identify, manage and report mitigation of risks

• Ensure the delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite

• Reporting and presenting on the Group Information Security Risk rating, risk appetite breaches, key remediation glide path

• Challenging 1st line of defense (1LOD) Risk Owners on risk breaches and their remediation glide paths, Performing targeted risk reviews e.g findings closure, effectiveness of controls, identification of potential control gaps, quantification of risk reduction from remediation

• Supporting the team day to day on key deliveries and management of the teams priorities and delivery

How You’ll Lead

• Expected to work with senior stakeholders across business divisions and infrastructure team

• Strong influencing, problem solving, organizational and stakeholder management skills

• Build, lead, motivate and engage a team

Skills You’ll Need

• University degree (Technology related), majors in Information Security related education are a plus

• Experience in Information Security with experience in the Finance industry and/or a major Technology company

• Experience of people and team management - developing, coaching and mentoring diverse teams

• Knowledge of industry/regulatory standards (e.g. DORA, ISO 27001 Series, COBIT 2019, FAIR) are required

• Relevant professional certifications are required: e.g. CISSP, CISA, CISM, CCSK, ISO27001 Lead Auditor, CRISC or similar, Familiarity with the Three Lines of Defense (3LOD) model preferential

Skills That Will Help You Excel

• Analytical thinking, relationship builder, attention to detail

• Understanding of risk management principles, experience in risk management and experience in regulatory frameworks is a plus

Expectations

It is the Bank’s expectation that employees hired into this role will work in the New York office in accordance with the Bank’s hybrid working model.

Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion.

The salary range for this position in New York City is $125,000 to $203,000. Actual salaries may be based on a number of factors including, but not limited to, a candidate’s skill set, experience, education, work location and other qualifications. Posted salary ranges do not include incentive compensation or any other type of remuneration.

Deutsche Bank Benefits

At Deutsche Bank, we recognize that our benefit programs have a profound impact on our colleagues. That’s why we are focused on providing benefits and perks that enable our colleagues to live authenti­cally and be their whole selves, at every stage of life. We provide access to physical, emotional, and financial wellness benefits that allow our colleagues to stay financially secure and strike balance between work and home. Click here to learn more!

Learn more about your life at Deutsche Bank through the eyes of our current employees https://careers.db.com/life

The California Consumer Privacy Act outlines how companies can use personal information. If you are interested in receiving a copy of Deutsche Bank’s California Privacy Notice please email HR.Direct@DB.com.

#LI-HYBRID

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.

We are an Equal Opportunity Employer - Veterans/Disabled and other protected categories. Click these links to view the following notices: EEOC Know Your Rights; Employee Rights and Responsibilities under the Family and Medical Leave Act; Employee Polygraph Protection Act and Pay Transparency Nondiscrimination Provision.