Cyber Attack (f/m/x)- Frankfurt

Job Description:

Details of the role and how it fits into the team

The role is an information security expert within the 2nd LoD Information Security Risk Team based in Frankfurt. The team is part of the wider Non-Financial Risk unit within the Chief Risk Office.

The candidate should have a proven depth of knowledge on Information Security Risk Frameworks such as (NIST 2.0, ISO  27001/2, SOC2, FAIR, MITRE ATTACK, COBIT), their design and implementation within large financial institutions. The role is part of a team of Risk Type Controllers who are responsible for holding 1LOD to account in their management of Information Security Risk.  The role will lead on various topics, attending and presenting at senior governance forum, providing leadership on Information Security Risk topics and lead on presenting challenges to 1LOD. The team has a global footprint in Germany, Singapore, Mumbai and USA.

Your key responsibilities

• Define, agree and maintain Information Security Risk Appetite tolerance and thresholds

• Continuously improve Information Security Risk framework and governance processes to identify, manage and report mitigation of risks

• Ensure the delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite.

• Report and present the Group Information Security Risk rating, any risk appetite breaches, key remediation glide path.

• Challenge 1LOD Risk Owners on risk breaches and their remediation glide paths

• Lead on specific tasks within the BoW and management of the junior team members priorities and delivery.

Your skills and experiences

• University degree (Computer Science, Business Administration, Natural Sciences or equivalent) is required

• Experience (6+ years) in Information Security with experience in the Finance industry and/or a major Technology company is required

• Experience of presenting Information Security topics at MB-1/2 forums is required

• Experience of working in global team is required

• Experience of working in 2LOD is preferred

• Good understanding of Information Security Risk Frameworks (e.g. NIST 2.0, ISO  27001/2, SOC2, FAIR, MITRE ATTACK, COBIT) is required

• Knowledge of industry / regulatory standards (e.g. EBA Guidelines, DORA) is preferred

• Knowledge of Cloud technologies is preferred

• Relevant professional certifications are required: e.g. CRISC, CISSP, CISA, CISM, ISO27001 Lead Auditor or similar

What we offer

We provide you with a comprehensive portfolio of benefits and offerings to support both, your private and professional needs.

• Emotionally and mentally balanced
  A positive mind helps us master the challenges of everyday life – both professionally and privately. We offer consultation in difficult life situations as well as mental health awareness trainings.

• Physically thriving
  We support you in staying physically fit through an offering to maintain personal health and a professional environment. You can benefit from health check-ups; vaccination drives as well as advice on healthy living and nutrition.

• Socially connected
  Networking opens up new perspectives, helps us thrive professionally and personally as well as strengthens our self-confidence and well-being. You can benefit from PME family service, FitnessCenter Job, flexible working (e.g parttime, hybrid working, job tandem) as well as an extensive culture of diversity, equity and inclusion.

• Financially secure
  We provide you with financial security not only during your active career but also for the future. You can benefit from offerings such as pension plans, banking services, company bicycle or “Deutschlandticket”.

Since our offerings slightly vary across locations, please contact your recruiter with specific questions.

This job is available in full and parttime.

In case of any recruitment related questions, please get in touch with Manuela Niedling.

Contact Manuela Niedling: +49 173 1822591

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.