IT Risk & Control, AVP

Job Description:

Job Title: IT Risk & Control, AVP

Location: Mumbai, India

Role Description

• The IT Risk and Control Analyst provides data analysis, identifies and evaluates potential areas of non-compliance or risk, assessing impact, probability and defined risk tolerance and presents findings and proposals for risk mitigation measures. The Divisional Regulatory, Risk and Control Analyst is responsible for supporting the delivery of the risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance and validation of cyclical activities such as annual control self-assessments. It may also include control testing, incident research, remediation and other ad hoc control initiatives and projects. Working closely with teams in and out of the division to understand risks impacting the group.

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
• Understand complex business and information technology management processes
• Assist in the selection and tailoring of approaches, methods and solutions to support service offering or industry projects
• Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
• Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
• Ensure application & vendor compliance to DB IT security policies & procedures
• Responsible for audit on Vendor Risk Management compliance & approvals within the bank.
• Ensuring compliance of application penetration testing and co-ordinating with CISO & application vendor team to ensure tracking and closure of open risk points within the application
• Ensuring completion of Risk Assessment and Compliance Evaluation of Applications in co-ordination with the IT application owner.
• Single point of contact for internal/external/regulatory Retail IT Audit compliance.
• Periodically conduct individual IS reviews to identify IT risks.
• Responsible for IT Vendor information security audit scope and execution to be conducted by -external IS vendors.
• Responsible for demonstrating continuous improvement in state of monitoring of information security events.
• Responsible to timely reporting and resolution of security incidents to IT management teams.
• Enabling automated log aggregation, correlation, and analysis through ArcSight tool with the help of IT application vendor.

Your skills and experience

• Bachelor of Science or Bachelor of Engineering + MBA equivalent from an accredited college or university (or equivalent)
• 10-14 years’ experience in the field of Information Technology/ Information Security (preferably Bank Retail application technology)
• Experience in the field of Information Security / SOC / Incident Response / Incident Forensics
• Domain knowledge in the Banking & Financial Payments industry
• Good written and spoken communication skills
• A working knowledge of most aspects of information security is essential, as is the ability to apply this knowledge in an open network environment
• Information Security technical Certifications such as CEH, ECSA, CISA, CISSP etc.
• Strong working knowledge of various security technologies including architecture, incident management, and forensics.
• Experience or technical knowledge in financial environments is a plus
• Professional level of English

How we’ll support you

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.htm

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.