Head Information Security for DXC, Kyndryl and Google, VP

Job Description:

Job Title: Head Information Security for DXC, Kyndryl and Google, VP

Location: Bangalore, India

Role Description

• In this role, you will be accountable for driving Information Security (Kyndryl, DXC and Google) for Tier 1 Vendors within Group Technology. This entails ensuring Vendor partners adhere to Deutsche Bank policies, framework and all contractual obligations including SLAs around the IS domain.
• You will be responsible for maintaining complete governance, oversight, and risk management related to Information Security domain and you will be expected to be an SME in different tech stacks across Technology Infrastructure including Mainframe with deep understanding of security tooling to manage IS processes and controls.
• You will oversee and own complete responsibility to ensure all contracted obligations are met by these vendor partners on all accounts related to IS domain. In addition, you will be accountable to drive end-to-end risk management life cycle for IS related topics for these vendor partners and this will include ownership for audit remediation where gaps are identified on topics such as Identity Access Management, Security Monitoring, Security Tooling, VAPT, CBVA, gaps against minimum control requirements originating from DB policies/ISRV (Information Security Risk for Vendors). Lastly, 100% adherence to vendor control risk framework and cloud control frame from IS perspective.  

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy,

• Best in class leave policy.
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Vendor compliance to Deutsche Bank policies, 3rd party risk management framework including contractual obligations around IS controls
• Conducting/facilitating in depth security assessments of existing vendors such as Google, DXC and Kyndryl and ensuring that vendor partners are using DB security tools and comply to DB requirements
• Conducting Platform security reviews, information security state monitoring, managing vendor SLA compliance as per contractual obligations related to security policies and standards
• Remain accountable ensuring end-to-end risk management across different IS risk types for inscope vendors
• Maintaining comprehensive vendor risk register and track remediation efforts
• Providing SME guidance and support to vendors on improving their security posture
• Staying informed about the latest security threats and trends affecting third-party services
• Conduct regular reviews and audits of vendor security practices
• Report on vendor security performance to senior management
• Actively partner with the delivery, Tech operations and infrastructure teams to deliver operational excellence
• Internally assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for the Company's information and technology systems
• Present assessment results and options to the DB stakeholder and discuss steps for resolution
• Own and remediate audit findings/risk remediation efforts that related information security domain

Your skills and experience

• Minimum 10-15 yrs of versatile experience in the information security domain with 2 years of being in the similar or larger role
• Proven experience and knowledge in information security with deep understanding of different technologies including Cloud operating framework
• SME on security frameworks and standards such as ISO 27001, DORA, NIST, GDPR etc
• Excellent problem-solving and analytical skills
• Relevant certifications such as CISSP, CISM, or CISA are preferred
• Analytical skills to evaluate risks and control processes
• Strong communication skills both verbal (incl. presentation skills) or written and
• Ability to operating complex operating environment and managing senior stakeholders

How we’ll support you

• Training and development to help you excel in your career.
• Coaching and support from experts in your team.
• A culture of continuous learning to aid progression.
• A range of flexible benefits that you can tailor to suit your needs.

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.htm

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.