IT & Risk Control officer, AVP

Job Description Position Overview Job Title: IT & Risk Control officer Location: Pune, India Corporate Title: AVP Role Description - The IT Risk and Control officer provides data analysis, identifies and evaluates potential areas of non-compliance or risk, assessing impact, probability and defined risk tolerance and presents findings and proposals for risk mitigation measures. The Divisional Regulatory, Risk and Control Analyst is responsible for supporting the delivery of the risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance and validation of cyclical activities such as annual control self-assessments. Achieve & Maintain coverage and compliance targets for IT Controls, especially IT Security Controls. Also be an influencer through offering advise & support to enable TDI PB to build & maintain value-adding and compliant software. What We'll Offer You As part of our flexible scheme, here are just some of the benefits that you'll enjoy - Best in class leave policy - Gender neutral parental leaves - 100% reimbursement under child care assistance benefit (gender neutral) - Flexible working arrangements - Sponsorship for Industry relevant certifications and education - Employee Assistance Program for you and your family members - Comprehensive Hospitalization Insurance for you and your dependents - Accident and Term life Insurance - Complementary Health screening for 35 yrs. and above Your Key Responsibilities Key Responsibilities / Tasks Payment specifics - Report on, manage, and mitigate IT risks for payment related applications to acceptable levels - Maintaining operational control and discipline across the organizational unit in terms of adherence to both IT Bank Standard and Payment Specific Controls - Ensuring that payment related business is conducted in accordance with applicable laws, regulations and in adherence to the bank's internal IT (Security) related policies - Providing thought-leadership around business specific risk taxonomies, IT (Security) Risk assessment methodologies, process and control implementation - Testing the IT control infrastructure for payment related business - Communicating regulatory development and implications to the business - Managing Risk and Compliance data and information related to payment applications - Driving messaging and information from second line to first line (e.g., IT policies, procedures, training) - Providing a consolidated view of IT Risks related to payment applications Other Responsibilities: - Foster continuous compliance for TDI PB in accordance with PB risk appetite - Advice, support, tracking and management reporting on IT Asset Governance processes - Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards - Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement - Drive the risk culture and risk awareness - Represent TDI PB on risk and control topics to TDI - Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions - Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services - Excellent potential for 1) playing lead role in designated tasks in gathering, organizing and analyzing data; 2) strong potential for growth and acceptance of additional responsibilities - Ensure application & vendor compliance to DB IT security policies & procedures - Responsible for Vendor Risk Management compliance & approvals within the bank. - Ensuring compliance to New Application Repository compliance - Ensuring compliance of application penetration testing and co-ordinating with CISO & application vendor team to ensure tracking and closure of open risk points within the application - Ensuring completion of Risk Assessment and Compliance Evaluation of Applications in co-ordination with the IT application owner. - Single point of contact for internal/external/regulatory Retail IT Audit compliance. - Responsible for demonstrating continuous improvement in state of monitoring of information security events. - Responsible to timely reporting and resolution of security incidents to IT management teams. - Enabling automated log aggregation, correlation, and analysis with the help of IT application vendor. Our main work packages are - IT Finding Management - IT Asset Management - IT Governance Process Optimization - IT Control Governance - Identity and Access Management - Application Security Management - Audit Control & Advisory - Application Decommissioning Your Skills And Experience - Bachelor of Science or Bachelor of Engineering + MBA equivalent from an accredited college or university (or equivalent) - 10+ years experience in the field of Information Technology/ Information Security (preferably Bank Retail application technology) - Knowledge about payment processes, payment data and payment supporting apps e.g. SWIFT - Experience in the field of Information Security / SOC / Incident Response / Incident Forensics - Domain knowledge in the Banking industry - Excellent knowledge of MS Office (including Excel, PowerPoint, Word). - Good written and spoken communication skills - Proven ability with building positive working relationships and managing stakeholders. - Ability of adapting to change. Be open minded to new solutions and ideas, think outside of the box. - Willing to share information, transfer knowledge and expertise. - Proactive approach and ability to take ownership of assignments. - Maintain a structured and systematic approach without being dogmatic - A working knowledge of most aspects of information security is essential, as is the ability to apply this knowledge in an open network environment - Information Security technical Certifications such as CEH, ECSA, CISA, CISSP etc. - Strong working knowledge of various security technologies including architecture, incident management, and forensics. - Experience or technical knowledge in financial environments is a plus - Professional level of English How We'll Support You - Training and development to help you excel in your career - Coaching and support from experts in your team - A culture of continuous learning to aid progression - A range of flexible benefits that you can tailor to suit your needs About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.html We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.