Sales Services Sub domain TISO

Description

Information Security is responsible for preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders.

Roles within Information Security may cover one or more areas of speciality:

Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.) Information Security (“IS”) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.) IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.). Work includes: Identifying and evaluating potential areas of Information Security threat by assessing the probability and impact, and implementing associated mitigations Monitoring and contributing to the implementation of the Information Security strategy Evaluating the adequacy and effectiveness of internal controls relating to Information Security risks Ensuring appropriate procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders Developing appropriate, pragmatic strategies to deliver effective controls and Information Security management objectives and implementation across the bank Managing client relationships and ensuring management focus on the Information Security agenda

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy,

Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above

Your key responsibilities

Align standards, frameworks and security with overall business and technology strategy Identify and communicate current and emerging security threats  Create solutions that balance business requirements with information and cyber security requirements Train users in implementation or conversion of systems Derive the IT Security strategy from the overall Chief Information Security Office (CISO) strategy and requirements and translates this into an operational plan for delivery for their area of responsibility In relation to the IT Assets, processes within their scope of responsibility they: Drive integration of Chief Information Security Office Initiatives, programs and central solutions and ensure alignment with the divisional portfolios. Ensure effective and efficient communication, coordination and implementation of CISO IT Security requirements and decisions Are responsible for the adoption of centrally mandated Security Solutions and the maintenance of technical security documentation and compliance to security controls. Are the recognized expert in DB Information Security Policies and procedures and their implementation in relation to technologies. Proactively manages IT audits and plan (in co-operation with COO IT management) preparation and remediation. Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified issues, e.g. information security reviews of vendors, audit issue resolution. Spearhead independent reviews of IT Security Controls, prioritise identified issues and assesses remediation actions for quality, considering the optimal cost-risk ratio as well the strategically optimal resolution (e.g. Information Security control evaluation and respective follow up activities). Verify remediation concepts for critical and systemic issues and monitors their execution according to plan and with quality. Partner with key stakeholders (Chief BISOs and IT management etc.) to act as mediator and subject matter expert for them on Information Technology Security topics. Ensure a common understanding of Information Technology Security risks and their implications for the Group and for their scope of responsibility.

Your skills and experience

Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background Ability to present and discuss information security related topics to senior committees, fora and groups, and drive decision making Ability to distinguish between noise and real issues, in particular when it comes to the impact of information security risk to the franchise Good understanding of (DB) Findings Management, Control Inventory and how we apply information technology solutions in this space; robust understanding of Anti-Financial Crime Functions in Corporate Banking. Ability to lead, mentor and influence without formal authority, in a complex multi-matrix organization Working with Global teams across multiple time zones

How we’ll support you

Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

---