CB Information Security Officer
Mumbai Nirlon Know. Pk B4-B5
Applications have closed
Deutsche Bank
Discover Deutsche Bank, one of the world’s leading financial services providers. News and Information about the bank and its products
Job Description:
Job Title - Information Security Analyst
Location - Mumbai
Role Description
The Divisional CISO has the ultimate responsibility for the operational aspects of ensuring compliance to Deutsche Bank’s Information Security Principles. The Divisional CISO Office supports the Div. CISO in this task. In this role the candidate will assist all of our business divisions by evaluating and mitigating information security risks in order to meet both audit and regulatory requirements.
What we’ll offer you
As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for Industry relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive Hospitalization Insurance for you and your dependents
- Accident and Term life Insurance
- Complimentary Health screening for 35 yrs. and above
Your key responsibilities
Information Security Officer (ISO) - The ISO is a manager aligned to an application (Application ISO), both together hereafter referred to as ‘area of responsibility’. The ISO has the responsibility for ensuring compliance with the Group Information Security requirements in their area of responsibility.
Key responsibilities include, but are not limited to:
ISO:
- To ensure Information Security risk assessments and compliance evaluations for assigned IT assets are performed
- To provide sufficient information related to the business context, information sensitivity and nature of usage of an application, including identification and implementation of controls for identified Information Security risks in their area of responsibility
- To identify and describe application and business process dependencies (upstream and downstream) for integrity and availability evaluations, including changes
- To agree assessment results and track remediation, including follow-ups and mitigating actions
- To resolve data quality issues pertaining to the application portfolio
- To support Identity and Access management functions with regard to application recertification (including selection and onboarding to central recertification platform), user groups and entitlements including their functional conflicts.
- To cooperate with the D-ISO / D-CISO to address requests for policy interpretation, guidance and advice, to ensure creation of divisional policies in accordance with the IS Policy Governance and to support policy authors by raising questions to the policy advisory team
- Analyze the root cause for delays or incorrect processing and propose sustainable solutions
- Generate MIS for multiple IS topics to assist senior management in identifying risks
- Support the wider D-CISO office where required
- Support on CAPs and special projects
- Any ad hoc analysis and presentations
- Identify areas for improvement in processes in terms of both efficiency and quality
- Support on inquiries from internal and External Audit, regulators and clients.
- Assist in designing and implementing control framework for third party applications.
- Support the wider D-CISO office where required, including any ad hoc analysis and presentations
The Segregation of Duties (SoD) Manager acts as the single point of contact for the Divisions or Functions or other stakeholders with regard to any SoD related questions or issues in their area of responsibility.
Key responsibilities of the SoD Manager comprise:
- To design and implement SoD Rules (for applications) in close collaboration with the ISO as well as other SoD Managers or stakeholders who may be affected by these rules. This includes the regular review of these rules and any necessary amendments
- To assess and remediate any SoD violations detected within their area of responsibility by either revoking inappropriate access or ensuring adequate compensating controls or exception handling procedures
- To assess the impact of inappropriate access on business operations and identify if there are indications for improper use of this access
- To act as the single point of contact for the Divisions or Functions or other stakeholders with regard to any SoD related questions or issues in their area of responsibility
- Liaise and coordinate with Central SoD Governance team and attend SoD forums
Your skills and experience
- Experience as IT and/or IS analyst – ideally in a Corporate Banking environment
- Proficiency in Microsoft Office applications (Excel, PowerPoint, Word, etc.)
- Excellent communication skills in English (verbal and written) with ability to articulate / engage with Senior management stakeholders (a must)
- Strong analytical skills and ability to transform complex issues into efficient solutions
- Advanced presentation/interactive skills sufficient to convey complex conceptual information/ideas on issues requiring interpretation and opinion.
- Desire to work in a fast paced, challenging multi-cultural environment and with ability to work in a global team
- Self-motivated, critical thinking and good understanding of major business and risk processes
Management Skills:
- Strong operational and people management skills, including the ability to operate within a diverse team.
- Excellent partnering skills and stakeholder management. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with business and management teams and with other control functions.
- Comprehensive management / leadership skills, including the ability to motivate teams through demonstrable commitment to CB and DB’s success.
Experience/qualifications:
- Good university graduate or post-graduate degree with Information Security, Risk Management and Governance
- Prior experience in a risk environment (e.g. in BISO, ORM, Audit, Data Privacy)
- Good understanding of major business and operational risk processes.
- Certifications such as ISO27001-LA/LI, CISM, CISSP etc.
- Experience in banking industry with a strong sense of accountability and integrity
How we’ll support you
- Training and development to help you excel in your career
- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs
About us and our teams
Please visit our company website for further information:
https://www.db.com/company/company.htm
Our values define the working environment we strive to create – diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.
We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.
Visit Inside Deutsche Bank to discover more about the culture of Deutsche Bank including Diversity, Equity & Inclusion, Leadership, Learning, Future of Work and more besides.