Position Overview
Details of the role and how it fits into the team
The role is an information security expert within the 2nd LoD Information Security Risk Team based in Frankfurt. The team is part of the wider Non-Financial Risk unit within the Chief Risk Office.
The candidate should have a proven depth of knowledge on Information Security Risk Frameworks such as (NIST 2.0, ISO 27001/2, SOC2, FAIR, MITRE ATTACK, COBIT), their design and implementation within large financial institutions. The role is part of a team of Risk Type Controllers who are responsible for holding 1LOD to account in their management of Information Security Risk. The role will lead on various topics, attending and presenting at senior governance forum, providing leadership on Information Security Risk topics and lead on presenting challenges to 1LOD. The team has a global footprint in Germany, Singapore, Mumbai and USA.
Your key responsibilities
* Define, agree and maintain Information Security Risk Appetite tolerance and thresholds
* Continuously improve Information Security Risk framework and governance processes to identify, manage and report mitigation of risks
* Ensure the delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite.
* Report and present the Group Information Security Risk rating, any risk appetite breaches, key remediation glide path.
* Challenge 1LOD Risk Owners on risk breaches and their remediation glide paths
* Lead on specific tasks within the BoW and management of the junior team members priorities and delivery.
Your skills and experiences
* University degree (Computer Science, Business Administration, Natural Sciences or equivalent) is required
* Experience (6+ years) in Information Security with experience in the Finance industry and/or a major Technology company is required
* Experience of presenting Information Security topics at MB-1/2 forums is required
* Experience of working in global team is required
* Experience of working in 2LOD is preferred
* Good understanding of Information Security Risk Frameworks (e.g. NIST 2.0, ISO 27001/2, SOC2, FAIR, MITRE ATTACK, COBIT) is required
* Knowledge of industry / regulatory standards (e.g. EBA Guidelines, DORA) is preferred
* Knowledge of Cloud technologies is preferred
* Relevant professional certifications are required: e.g. CRISC, CISSP, CISA, CISM, ISO27001 Lead Auditor or similar
What we offer
We provide you with a comprehensive portfolio of benefits and offerings to support both, your private and professional needs.
* Emotionally and mentally balanced
A positive mind helps us master the challenges of everyday life – both professionally and privately. We offer consultation in difficult life situations as well as mental health awareness trainings.
* Physically thriving
We support you in staying physically fit through an offering to maintain personal health and a professional environment. You can benefit from health check-ups; vaccination drives as well as advice on healthy living and nutrition.
* Socially connected
Networking opens up new perspectives, helps us thrive professionally and personally as well as strengthens our self-confidence and well-being. You can benefit from PME family service, FitnessCenter Job, flexible working (e.g parttime, hybrid working, job tandem) as well as an extensive culture of diversity, equity and inclusion.
* Financially secure
We provide you with financial security not only during your active career but also for the future. You can benefit from offerings such as pension plans, banking services, company bicycle or “Deutschlandticket”.
Since our offerings slightly vary across locations, please contact your recruiter with specific questions.
This job is available in full and parttime.
In case of any recruitment related questions, please get in touch with Manuela Niedling.
Contact Manuela Niedling: +49 173 1822591
Wir streben eine Unternehmenskultur an, in der wir gemeinsam jeden Tag das Beste geben. Dazu gehören verantwortungsvolles Handeln, wirtschaftliches Denken, Initiative ergreifen und zielgerichtete Zusammenarbeit.
Gemeinsam teilen und feiern wir die Erfolge unserer Mitarbeiter*innen. Gemeinsam sind wir die Deutsche Bank Gruppe.
Wir begrüßen Bewerbungen von allen Menschen und fördern ein positives, faires und integratives Arbeitsumfeld.