Divisional Risk and Control Lead, VP

Job ID: R0399563

Full/Part-Time: Full-time

Regular/Temporary: Regular

Listed:

Location: Pune

Job Title: Divisional Risk and Control Lead

Location: Pune, India

Corporate Title: VP

Role Description

The Divisional Technical Information Security Officer (DTISO) is a senior manager aligned to a division or function. DTISOs are responsible to enforce Information Security compliance within their area of responsibility in line with the CISO / PTISO mandate and strategy as well as the bank's risk appetite. Furthermore, DTISOs oversee the divisional TISO organisation which supports them in meeting the bank's control objectives. DTISOs are the experts and points of escalation for all IT security related aspects of the IT assets in their area of responsibility. They provide guidance on how to implement technical control aspects and achieve compliance to the related Information Security controls and ensure appropriate handling of any relevant exceptions. In close cooperation with the respective DISOs they support the business divisions as well as the TDI counterparts to comply with Security Controls. They are accountable for the adoption of centrally mandated Security Solutions.

What we'll offer you

As part of our flexible scheme, here are just some of the benefits that you'll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Derive the requirements from the overall Chief Security Office (CSO) strategy and translate this into an operational plan for delivery for their area of responsibility
• Provide leadership for TISO (Technical Information Security Officers) within the respective division or function and Information Technology Security oversight of the applications and infrastructure (IT assets) that these TISOs are responsible for.
• Provide management oversight of the operation of processes that the TISOs in their scope of control are responsible for to ensure a standardized and consistent working model.
• Spearhead independent reviews of IT Security Controls, prioritise identified issues and assesses remediation actions for quality, considering the optimal cost-risk ratio as well the strategically optimal resolution (e.g. Information Security control evaluation and respective follow up activities).
• Partner with key stakeholders (PTISO, DCISOs / DISOs and IT management etc.) to act as mediator and subject matter expert for them on Information Technology Security topics. Ensure a common understanding of Information Technology Security risks and their implications for the Group and for their scope of responsibility.
• Stay abreast of new cyber security threats and technology as well as changes in the business or legal/regulatory environment and supports and advises senior management of potential impact
• Facilitate a regular communication and cooperation with all relevant stakeholder and functions such as the respective Information Security Officers (ISOs) as well as the CSO technical delivery and governance functions. Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified issues, e.g. information security reviews of vendors, audit issue resolution.

Your skills and experience

• Rounded knowledge and experience of all the following Information Security processes;
• Application and Infrastructure Security
• Identity and Access management
• Information Security Incident and Problem Management
• Information Security Governance for business and technology
• Information Security Risk Management
• Expert knowledge of DB Information Security Principles, Policies, and Procedures
• Profound experience in business and IT processes and respective Information Security requirements.
• Experience with financial markets and institutions.
• Excellent analytical skills, flexibility regarding problem solving.
• Excellent communication skills.
• Ability to work in fast paced environment and keep pace with technical/ operational innovation.
• Open minded, able to share information, transfer knowledge and expertise to team members.
• Keeps pace with technical/operational innovation & maintains understanding of various technologies, as well as security service and technology offerings.

Education/Certification

• Masters degree in Information Security or a comparable education
• In addition, the following education/certification attainment will be beneficial:
• CISSP (Certified Information Systems Security Professional) or equivalent.
• ISSMP (Information Systems Security Management Professional).
• CISM (Certified Information Security Manager) or equivalent.

How we'll support you

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

About us and our teams

Please visit our company website for further information:

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.