Divisional CISO Office, VP
Mumbai Nirlon Know. Pk B4-B5, India
Deutsche Bank
Discover Deutsche Bank, one of the world’s leading financial services providers. News and Information about the bank and its products
Job Description:
Job Title: Divisional CISO Office
Location: Mumbai, India
Corporate Title: VP
Role Description
- The first line Tech Risk function for business divisions CB, IB and Ops at Deutsche Bank sits within the Divisional Control Office. CB and IB front-to-back have the largest footprint as a risk bearing function within the banking divisions and you will be part of a dynamic team which is consistently in demand for providing insights, assessments and managing Information Technology (IT) and Information Systems (IS) risks on behalf of the business.
- As part of the team, you will join the Bank’s journey and contribute towards our strategic goal of managing technology risk within appetite whilst enabling adoption of emerging and new technologies for business growth.
What we’ll offer you
As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for Industry relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive Hospitalization Insurance for you and your dependents
- Accident and Term life Insurance
- Complimentary Health screening for 35 yrs. and above
Your key responsibilities
Information Security Officer (ISO): The ISO is a manager aligned to an application (Application ISO), both together hereafter referred to as ‘area of responsibility’. The ISO has the responsibility for ensuring compliance with the Group Information Security requirements. For this role the candidate will be aligned under the Corporate Bank (CB) D-CISO area under the larger CB, IB and Ops Tech Risk function.
Key responsibilities of the ISO comprise, but are not limited to:
- Defining strategy, governance and processes, including identification, asset categorization, control monitoring and risk assessments for the TPMA portfolio of 700+ applications, in addition to performing the ISO tasks below for their own portfolio of a subset of TPMA applications.
- Understand and analyze business setting from an information security perspective
- Perform risk assessments on complex applications, vendors, processes and projects from an information security perspective
- Identify security gaps, evaluate options for remediation, define and implement check points and compensating controls.
- Provide sufficient information related to the business context, information sensitivity and nature of usage of an application, including identification and implementation of controls for identified Information Security risks in their area of responsibility
- To cooperate with the D-ISO / D-CISO to address requests for policy interpretation, guidance and advice, to ensure creation of divisional policies in accordance with the IS Policy Governance and to support policy authors by raising questions to the policy advisory team
- Present assessments results and options to the business and discuss steps for resolution.
- Initiate and track risk acceptance process if required.
- Analyze and redesign access management processes (request and approval).
- Define and implement Segregation of Duties rules (details outlined below)
- Identifying applications and roles which allow access to PSI and assess appropriateness of access controls.
- Review of roles and application role concepts.
- Support on inquiries from internal and External Audit, regulators and clients.
- Advisory and support projects on information security questions.
- Advisory vendor relationships.
- Interact with and educate the business on information security risks and controls and handling sensitive data.
- Assist in assessing and determining appropriate controls on unstructured data hosted on internal and external data rooms.
- Conduct information security awareness sessions for stakeholders in CB.
- Assist in designing and implementing control framework for third party applications.
- Analyze the root cause for delays or incorrect processing and propose sustainable solutions
- Generate MIS for multiple IS topics and to assist senior management identify risks
- Support the wider D-CISO office where required, including any ad hoc analysis and presentations
- Special Projects support on ongoing remediation projects.
Your skills and experience
Skills Profile:
- Experience as IT and/or IS analyst – ideally in a Corporate Banking environment
- Proficiency in Microsoft Office applications (Excel, PowerPoint, Word, etc.)
- Excellent communication skills in English (verbal and written) with ability to articulate / engage with Senior management stakeholders (a must)
- Strong analytical skills and ability to transform complex issues into efficient solutions
- Advanced presentation/interactive skills sufficient to convey complex conceptual information/ideas on issues requiring interpretation and opinion.
- Desire to work in a fast paced, challenging multi-cultural environment and with ability to work in a global team
- Self-motivated, critical thinking and good understanding of major business and risk processes
Management Skills:
- Strong operational and people management skills, including the ability to operate within a diverse team.
- Excellent partnering skills and stakeholder management. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with business and management teams and with other control functions.
- Comprehensive management / leadership skills, including the ability to motivate teams through demonstrable commitment to CB and DB’s success.
Experience/qualifications:
- Good university graduate or post-graduate degree with Information Security, Risk Management and Governance
- Prior experience in a risk environment (e.g. in BISO, ORM, Audit, Data Privacy)
- Good understanding of major business and operational risk processes.
- Certifications such as ISO27001-LA/LI, CISM, CISSP etc.
- Experience in banking industry with a strong sense of accountability and integrity
How we’ll support you
- Training and development to help you excel in your career
- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs
About us and our teams
Please visit our company website for further information:
https://www.db.com/company/company.htm
We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.
Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.
We welcome applications from all people and promote a positive, fair and inclusive work environment.
Tags: Banking BISO CISM CISO CISSP Compliance Governance ISO 27001 Monitoring Privacy Risk assessment Risk management Strategy
Perks/benefits: Career development Equity / stock options Flex hours Health care Parental leave