CTO Divisional Risk and Control Analyst - Control Testing, AS

Job Title- Risk and Control Analyst, Associate

Location- Pune, India

Role Description:

The 1st line Tech Risk, Insights and controls function at Deutsche Bank sits within the Group Technology Infrastructure (GTI) for Deutsche Bank Group. GTI has the largest footprint within the Technology, Data and Innovation (TDI) division and is joined by other business-aligned CIO IT divisions.
The Tech Risk, Insights and Controls is a dynamic team, consistently in demand, for providing guidance and challenge to deliver change and maintain systems in a secure and resilient manner.

As part of the team, you will join the Bank’s journey and contribute towards our strategic goal of cloud enabled solutions as well as activities that improve our operational resilience and risk reduction.

Specifically, you will bring expertise for risk identification and remediation advisory, records management supporting a proactive risk management function. It will therefore also include planning and executing thematic risk assessments and inputting into risk scenario testing and macro threat assessments. Further you will respond to client due diligence requests. You will liaise with other risk and control functions, on a management level to assure the integration of risk initiatives and projects.

What we’ll offer you:

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities:

GTI Risk Management (InfoSec)

• Handle the responsibilities as the IT Security delegate for the CIO Unit (i.e. GTI). Provide support towards the implementation of all applicable IT Security requirements originating from the ISMS of DB Group and relevant Unit, and IT Security requirements. This applies to all IT systems and IT processes owned by the assigned CIO Unit.
• Provide support on all IT Security matters to the Divisional CISO and ensure the overall Information Security is within the agreed Risk Appetite both of the bank and the respective Unit.
• Participate in relevant management forums of the assigned CIO Units and represents the respective CIO Units in relevant DB Group management forums.
• Support to define, set up and manage the IT Security organization, implement, and maintain the elements of the Divisional ISMS (Information Security Management System) as necessary for IT assets and IT processes in alignment with the associated Divisional CISOs. Support the Divisional Information Security Organization (TISO).
• Provide support to maintain an appropriate level of Information Security protection for technical infrastructure and applications. Support to steer IT Security initiatives and programs.

Stakeholder Management – Identify, Partner, and Collaborate

• Establish relationship with the DTISO/TISO community within the overall GTI area to ensure effective and robust support towards InfoSec realm of activities.
• Partner with the CSO teams to ensure alignment towards Group wide CSO mandated InfoSec controls and standards.
• Collaborate closely and proactively with the DTISO teams to manage the alignment towards InfoSec control requirements.
• Promote and support proactive IT risk culture at the Bank.

Your skills and experience:

Desired experience

• Minimum 2 years of experience as Risk and Control Lead in designing and implementation of Technology risk framework in a global organization.
• Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001.
• Knowledge of Agile change delivery methodology, DevOps and Shift left concepts.
• Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains.
• Other professional qualifications and certifications in Technology risk management.

Desired behaviours

• A strong team player comfortable in a cross-cultural and diverse operating environment.
• Result oriented and ability to deliver under tight timelines.
• Ability to successfully resolve conflicts in a globally matrix driven organization.
• Excellent communication and collaboration skills.
• Desire to learn about new and emerging technologies and continuous upskilling.
• Must be comfortable with navigating ambiguity to extract meaningful risk insights.

How we’ll support you:

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.htm

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.