Information Security Specialist

===================================

---------------------

Information Security is responsible for preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders. Roles within Information Security may cover one or more areas of speciality:

• Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.)
  
• Information Security (“ISâ€) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.) •IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.).
  

Work includes:

• Identifying and evaluating potential areas of Information Security threat by assessing the probability and impact, and implementing associated mitigations Monitoring and contributing to the implementation of the Information Security strategy
  
• Evaluating the adequacy and effectiveness of internal controls relating to Information Security risks
  
• Ensuring appropriate procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders
  
• Developing appropriate, pragmatic strategies to deliver effective controls and Information Security management objectives and implementation across the bank
  
• Managing client relationships and ensuring management focus on the Information Security agenda
  

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy

• Best in class leave policy
  
• Gender neutral parental leaves
  
• 100% reimbursement under childcare assistance benefit (gender neutral)
  
• Sponsorship for Industry relevant certifications and education
  
• Employee Assistance Program for you and your family members
  
• Comprehensive Hospitalization Insurance for you and your dependents
  
• Accident and Term life Insurance
  
• Complementary Health screening for 35 yrs. and above
  

• Conduct thorough security assessments of existing vendors such as Google, DXC and Kyndryl
  
• Monitor and manage vendor compliance with security policies and standards and related contractual SLAs
  
• Identify and mitigate risks associated with third-party vendors.
  
• Maintain a vendor risk register and track remediation efforts.
  
• Provide guidance and support to vendors on improving their security posture.
  
• Stay informed about the latest security threats and trends affecting third-party services.
  
• Conduct regular reviews and audits of vendor security practices.
  
• Report on vendor security performance to senior management.
  
• Partner with the Delivery, Tech operations and infrastructure teams to deliver operational excellence
  
• Internally assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for the Company's information and technology systems
  
• Present assessment results and options to the DB stakeholder and discuss steps for resolution
  
• Support the Audits/resolution as it relates to issues that address information security in their areas’ processes and projects.
  

• Proven experience in information security, vendor management, or a similar role.
  
• Strong knowledge of information security principles, practices, and technologies especially on Mainframe, DB2, AIX, Tandem, AS400
  
• Experience with security frameworks and standards such as ISO 27001, NIST, and GDPR.
  
• Excellent problem-solving and analytical skills.
  
• Relevant certifications such as CISM, or CISA are preferred
  
• Analytical skills to evaluate risks and control processes
  
• Strong communication skills both verbal (incl. presentation skills) or written and ability to deal with people at all levels in a global matrix organization
  

• ~12-15 years’ experience in IT Infrastructure support and service delivery
  
• At least ~5 years of experience in information security on Mainframe, AS400, AIX, Tandem and broader Technology Infrastructure
  

• Training and development to help you excel in your career
  
• Coaching and support from experts in your team
  
• A culture of continuous learning to aid progression
  
• A range of flexible benefits that you can tailor to suit your needs
  

Please visit our company website for further information:

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.