Technical Information Security Officer

Job Title: Technical Information Security Officer (TISO)

Corporate Title: Assistant Vice President

Location: Pune, India

Role Description

• At the "Service, Solutions and AI" Domain, our mission is to revolutionize our Private Bank process landscape by implementing holistic, front-to-back process automation. We are committed to enhancing efficiency, agility, and innovation, with a keen focus on aligning every step of our process with the customer's needs and expectations. Our dedication extends to driving innovative technologies, such as AI & workflow services, to foster continuous improvement. We aim to deliver 'best in class' solutions across products, channels, brands, and regions, thereby transforming the way we serve our customers and setting new benchmarks in the industry.
• A Technical Information Security Officer (TISO) is responsible for ensuring the security of assigned IT assets, including application software, databases, infrastructure, and outsourced IT services. The TISO conducts risk and compliance assessments, provides guidance on security requirements, approves access control setups, and ensures the implementation of necessary security controls. They collaborate with key role holders to develop secure environments, perform risk assessments, and document risk management activities. Additionally, the TISO influences IT risk policies and standards, ensuring compliance and mitigating potential security risks.

What we'll offer you

As part of our flexible scheme, here are just some of the benefits that you'll enjoy,

• Best in class leave policy.
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

As a Technical Information Security Officer (TISO), you will be entrusted with a critical role in ensuring the security of our IT assets. Your key responsibilities include:

• Ownership and Risk Management: Assume ownership of assigned IT assets, including application software, databases, infrastructure, and outsourced IT services. Conduct comprehensive risk and compliance assessments to ensure security measures are in place.
• Guidance and Implementation: Provide expert guidance to IT Asset Owners (ITAOs) and Information Security Officers (ISOs) on security requirements and the implementation of compensating controls. Ensure security is integrated early in the system development life cycle.
• Access Control and Authorization: Approve access control setups and user authorization for assigned IT assets. Perform periodic recertification of access rights in compliance with organizational policies.
• Security Controls: Ensure the implementation of necessary information security controls. Influence and provide feedback on IT risk and control-related policies and standards. Design and oversee the implementation of security measures.
• Collaboration and Coordination: Work closely with ITAOs and other ISO role to establish monitoring capabilities for IT assets. Review monitoring outputs to maintain the required security level and advise on remediation of gaps.
• Incident Management: Contribute to the Information Security Incident Management Process in case of security breaches for assigned IT assets.
• Documentation and Compliance: Maintain thorough documentation of information security risk management activities, including major decisions, identified risks, and mitigation measures. Ensure compliance with internal policies and standards.
• Escalation and Conflict Resolution: Serve as the first point of escalation and conflict resolution, both internally and with external parties such as regulators.
• Regulatory Awareness: Pre-empt changes in the legal and regulatory environment and advise senior management on potential impacts. Oversee the performance and quality assurance of assessment executions for audits and regulatory compliance.
• Senior Management Support: Ensure appropriate senior management awareness and oversight to follow up on action items and resolve identified issues.
• Cloud Security: Implement and manage security measures for cloud-based services and infrastructure to protect organizational data and assets.
• OSS Vulnerability Management: Identify, assess, and mitigate vulnerabilities in open-source software (OSS) to ensure the security and integrity of IT assets.
• Ethical AI: Ensure the secure and responsible use of AI technologies within the organization, adhering to ethical AI practices.
• By fulfilling these responsibilities, you will help maintain the security and integrity of our organization's IT assets, ensuring compliance and mitigating potential security risks.

Your skills and experience

To excel as a Technical Information Security Officer (TISO), you should possess the following skills and experience:

• Technical Expertise: Strong technical knowledge of information security principles, practices, and technologies.
• AI and Ethical AI: Proficiency in AI technologies and ethical AI practices, ensuring the secure and responsible use of AI within the organization.
• Cloud Security: Expertise in cloud security, including the implementation and management of security measures for cloud-based services and infrastructure.
• OSS Vulnerability Management: Experience in identifying, assessing, and mitigating vulnerabilities in open-source software (OSS) to ensure the security and integrity of the organization's IT assets.
• Analytical Skills: Ability to conduct thorough risk assessments and develop effective solutions for complex security issues.
• Communication Skills: Excellent communication skills to effectively convey security information to both technical and non-technical stakeholders.
• Continuous Learning: Commitment to staying updated with the latest information security trends, technologies, and best practices.
• Educational Background: A bachelor's degree in Information Security, Computer Science, Information Technology, or a related field is typically required. An advanced degree can be advantageous.
• Professional Experience: Several years of professional experience in information security or a related field, with experience in roles such as Information Security Analyst, Security Engineer, or similar positions.
• Certifications: Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CEH (Certified Ethical Hacker).
• Teamwork and Initiative: Excellent communication skills, strong independence and initiative, ability to work in agile delivery teams, and good experience in working with distributed teams, especially in Germany and India.
• Cyber Security and Cryptography: Strong experience and knowledge in cybersecurity, cryptography, and encryption/decryption solutions.
• Configuration Skills: Proficiency in configuring TLS/SSL, PKI, ACLs, and API security.
• Platform and Database Knowledge: Experience with Windows, Unix, Linux platforms, and Oracle & SQL databases.
• By bringing these skills and experiences to the role, you will contribute significantly to maintaining the security and integrity of our organization's IT assets, ensuring compliance, and mitigating potential security risks.

How we'll support you

• Training and development to help you excel in your career.
• Coaching and support from experts in your team.
• A culture of continuous learning to aid progression.
• A range of flexible benefits that you can tailor to suit your needs.

About us and our teams

Please visit our company website for further information:

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.