Information Security Analyst, AS

Job Description:

Job Title: Information Security Analyst, AS

Location: Bangalore, India

Corporate Title: AS

Role Description

The role of an Information Security Officer (ISO) is of a role holder aligned to a portfolio of applications (Application ISO). The ISO has the responsibility for the operational aspects of ensuring compliance with the Information Security Principles. The ISO is the primary contact for information security relevant matters within their area of responsibility. SOD manager must implement Segregation of Duty (SoD) rules for the assigned IT assets and to manage violations of SoD. The ISO and SOD manager have a disciplinary reporting line into their Line Manager and a functional reporting line into the Divisional CISO.

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• To assume the ownership and responsibility for the assigned IT assets, in line with the DB Group Information Security management processes and the Divisional ISMS.
• To support the development and maintenance of Information Security policies and procedures pertaining to the Unit in accordance with the Information Security policies and procedures of DB Group.
• To support the management of IS Risks within the Risk Appetite defined by the ISR.
• To execute the IS Risk assessments and compliance evaluations for assigned IT assets
• To ensure the execution of information security risk management requirements in their area of responsibility as additionally defined by the Divisional ISO (e.g., conducting risk assessments on an organizational basis, preparing and implementing management action plans to mitigate identified risks)
• To ensure the implementation of Identity and Access Management Processes and the execution of a periodic recertification of User Access Rights in their area of responsibility
• To provide timely updates to the Divisional ISO regarding the aforementioned information security management tasks
• To ensure that application entries regarding information security (e.g., Data Protection and Data Privacy fields) in the Group’s inventory of applications are accurate and up to date
• To implement Segregation of Duty (SoD) rules for the assigned IT assets
• To contribute to the Information Security incident management process in the case of a security breach
• Keep oneself informed of the Information Security Principles and its subordinate documents and liaise with any other necessary parties to accomplish their tasks. These resources may be e.g., the TISO, ITAO or any other subject matter experts
• To ensure appropriate documentation of information security risk management in area of responsibility. This includes major decisions including identified and assessed risks as well as risk mitigation measures
• To deliver all items requested during regulatory and internal Information Security related audits

Your skills and experience

Essential

• Candidate should have a minimum of 8 years of business experience in an operation management /   risk management capacity, working knowledge in various banking products with strong communications skills
• Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within Banking Operations
• Good understanding of Regulatory, Compliance, Risk & Control Knowledge
• Have sound knowledge of Identity and Access Management Process
• Ability to multitask and manage multiple deliverables / projects that are highly visible and of strategic importance to our clients
• Ability to effectively communicate with clients internally and externally
• Must be a team player and facilitator

Desirable

• Solid technical understanding of the business (CB Operations) including strong knowledge of application security related processes.
• Knowledge of electronic banking products and flow of instructions
• Computer proficiency in MS Office and ability to utilize IT initiatives to achieve a high degree of operational efficiency, optimize costs and add value to the service provided
• Innovative approach to work and continuously identify and implement process improvements
• Seek opportunities to improve service processes, minimize operational risk and reduce costs
• Strong analytical skills, detail orientation, service commitment and solid people management skills
• Strong awareness of risk control

Education / Certification

• Graduation degree
• CRISC
• Desired: CISA/CISM/CISSP

How we’ll support you

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.htm

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.