Risk Governance Program Manager – Information Technology/Information Security Controls, VP

Description Corporate Banking is a technology centric business, with an increasing move to real-time processing, an increasing appetite from customers for integrated systems and access to supporting data. This means that technology is more important than ever for the business. Deutsche Bank is one of the few banks with the scale and network to compete aggressively in this space, and the breadth of investment in this area is unmatched by our peers. Joining the team is a unique opportunity to help rebuild the core of some of our most mission critical processing systems from the ground-up. Our Corporate Bank Technology team is a global team of 3000 Engineers (and growing) across 30 countries. The primary businesses that we support within Corporate Bank are Cash Management, Securities Services, Trade Finance and Trust & Agency Services. CB Technology support these businesses through CIO aligned teams and also by 'horizontals' such as Client Connectivity, Surveillance and Regulatory, Infrastructure, Architecture, Production and Risk & Control. In addition to providing cash management services like Payments to our customers, Corporate Bank is the payment service provider for the entire Deutsche Bank organization. As such, we have been tasked with ensuring technology and security risk for payments is within risk tolerance bank wide. The Risk and Control Team ensures the Bank's information control priorities are effectively implemented across Corporate Bank Technology (CB Tech). The team offers dedicated support for each Chief Information Officer (CIO) business line, advisory services for control responses, and program management services for broad control uplifts. The team's mission is to reduce the organization's technology risk exposure by implementing key bank controls, ensuring appropriate and timely resolution of audit issues, and participating in the Bank's design of control implementations. Therefore, your role would be integral in supporting the front-line management in identifying, assessing/measuring risks, identifying remediation actions, and monitoring risks. We are looking for a specialist to join the newly formed Central Risk Governance function within CB Tech Risk and Control to support governance and oversight of IT and IS Risk and Control risk remediation Book of Work. This involves in summary, facilitating clear scope definition of control programs, facilitating training of the control landscape where required, ensuring commitment for proactive remediation of IT/IS risk across CIO aligned delivery teams, monitoring and reporting progress, escalating risks/issues/blockers for resolution. Hands-on technical data analysis and recommending control process improvements where required to help ensure overall ensuring technology and security controls are implemented effectively and sustainably. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities As Central Risk Governance Program Manager for Information Technology/Information Security Controls, you will partner with CIO aligned Agile delivery teams, Control Uplift SMEs and CRG Program Leadership to ensure overall risk priorities are delivered per defined targets. Ensuring clear scope definition of Information Technology/Information Security Controls control programs, facilitating additional training of the control landscape where required Ensuring the timely capture, transparency and accountability of commitment dates from CIO aligned teams, monitoring and reporting progress. Providing regular status reporting and escalating risks/issues/blockers for resolution Conducting hands-on technical data analysis and recommending control process improvements, where required, to help ensure overall ensuring technology and security controls are implemented effectively and sustainably. Ensuring appropriate tagging of risk and control prioritization and clear tracking of inter-linkages with audit findings or self-identified issues Ensuring overall data quality of Information Technology/Information Security Control remediation related JIRAs feeding into senior management dashboards Overall ensuring Information Technology and Information Security risk remediation programs are initiated and executed in line with Deutsche Bank Risk and Program standards. Also will work with policy owners and control owners to improve processes and tooling. Overall Working with the control teams to identify and resolve potential issues in Information Technology and Security control design. Identify and resolve implementation issues. Suggest effectiveness metrics, ensure control design includes proper evidence, and provide input to the design and effectiveness of centrally provided tooling. Your skills and experience Delivery Management /Program Management: Must have 10+ years overall IT project management /program management or PMO experience, preferably in banking/financial services or a similarly regulated environment Demonstrable experience in managing large stakeholder groups across time zones. Must have experience managing multiple projects simultaneously; experience maintaining comprehensive project documentation and proactive risk/issue management. Must have advanced verbal and written communication skills to present ideas and concepts effectively. Control program management /control implementation project experience preferred. Industry standard Project management certification or Agile certification preferred. Experience working in an Agile delivery environment practicing Scrum or Kanban (Lean Agile Practitioner) and using JIRA preferred. Risk and Control Must have financial services preferably Banking Project/Program management experience Must have good knowledge on AI fundamentals and technical familiarity Must be willing to work during UK business hours Demonstrable familiarity with concepts of Technology Roadmap Compliance, Patching lifecycle knowledge especially Java, Oracle, Disaster Recovery, Secondary Storage, Back Up planning and testing Demonstrable familiarity with general Patching concepts and challenges in critical technologies (Java, Oracle, UNIX, etc.), PVG process and CVE advisory process for vulnerabilities Demonstrable familiarity on Identity and Access Management, Vulnerability management/Cyber Hygiene best practices, penetration testing Experience working in Risk and Control, audit or 2nd Line domain preferred. Experience in designing or generating regular IT / IS compliance reports and presentations for senior management preferred. Data analysis and reporting skills using industry standard tools including but not limited to excel, tableau or similar preferred. How we’ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs