Chief Security Office (CSO) is responsible for the creation, maintenance, and implementation of the information security strategy of Deutsche Bank Group. CSO steers the measures derived from the information security strategy and provides guidance to employees regarding the identification, development, implementation, and execution of all processes which serve to reduce information security risk, to respond to incidents, and to establish appropriate policies and standards for information security management. CSO division, Business Information Security and Governance, defines Information Security control objectives and conducts inclusive, reliable, threat-oriented, and risk-driven Information Security control / capability testing & governance to satisfy regulatory and organizational requirements. Team is located in the Bank's major business hubs in Germany, the United States of America and India.
What We Offer You
A diverse and inclusive environment that embraces change, innovation, and collaboration
A hybrid working model, allowing for in-office / work from home flexibility, generous vacation, personal and volunteer days
Employee Resource Groups support an inclusive workplace for everyone and promote community engagement
Competitive compensation packages including health and wellbeing benefits, retirement savings plans, parental leave, and family building benefits
Educational resources, matching gift, and volunteer programs
What You'll Do
Design Test cases to evaluate the Information Security (IS) capability / control solution design effectiveness and operational effectiveness, while acting as a competent partner and challenger to clients in the closure process of findings
Execute day-to-day operational IS control testing work and contributes to the delivery of the testing and monitoring function and manages scope of deliverables, while undertaking testing assignments, drafting test findings for review, facilitating issue tracking, and validating them to closure
Draft high quality test reports for review by senior management, facilitates finding tracking and validates actions taken to remediate previous test findings and execute IS Control effectiveness test fieldwork in line with the agreed test approach e.g. documenting Process Flows, identification of key risks, testing of key controls to determine whether they are properly designed and are operating effectively and documenting work in accordance with standards
Communicates openly with management and the internal stakeholders; keeps them informed of potential findings and escalate problems/delays accordingly, while proactively developing and maintaining professional consultative working relationships with the CSO function, clients, and respective support areas and will use a range of approaches to collect relevant information to assess key risks
Define key operational procedures where necessary, ensure adherence and focus on utilizing the capacity in an efficient and effective manner, and maintain monthly tracker
Represent the process and provide inputs for the Monthly and Quarterly dashboards with performance and with any challenges faced or suggestions to improve the quality while partnering with other divisional/teams during IS Control effectiveness tests engagement to use a collaborative approach
Skills You'll Need
Extensive work experience in the Information Technology Testing and Audit of security solutions and process, as well as experience in global and diverse teams across different time zones and within a matrix environment
Specific knowledge required for common operating systems, databases, threat operations, vulnerability management, cloud security, as well as cryptographic topics, preferably in the financial industry, and strong knowledge of IS threat analysis and frameworks (e.g MITRE ATT&CK Framework)
Clear understanding of the relationship between IT risk and how this applies to business processes
Project management experience with strong analytical and problem-solving skills
Ability to monitor, track and clearly communicate progress, escalate issues when appropriate
Skills That Will Help You Excel
Strong understanding of cyber security standards (e.g. NIST, OWASP, ISO27001) and knowledge of the regulatory environment in the financial sector (e.g. KAIT, BAIT, European Securities and Markets Authority (ESMA) cloud guidelines)
Strong verbal and written communication skills and the ability to communicate on all hierarchy levels. Fluent in English (German language is beneficial)
Self-driven, eager to learn and well-organized team player
University degree in Computer Science / (Commercial) Information Technology or equivalent qualification and Professional / industry recognized certifications (e.g. CISA, CCSP, CISSP, OSCP) are highly beneficial to cover a broad range of Information Security areas where relationship with the Business or IT is required
Positive attitude and proactive behavior with Effective communication and strong interpersonal skills
Expectations
It is the Bank's expectation that employees hired into this role will work in the Jacksonville office in accordance with the Bank's hybrid working model.
Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion.
The salary range for this position in Jacksonville is $78,000 to $110,000. Actual salaries may be based on a number of factors including, but not limited to, a candidate's skill set, experience, education, work location and other qualifications. Posted salary ranges do not include incentive compensation or any other type of renumeration.
Deutsche Bank Values & Diversity
We believe talent is found in all cultures, countries, races, ethnicities, genders, sexual orientations, disabilities, beliefs, generations, backgrounds and experiences. We pursue a working environment where everyone can be authentic and feel a sense of belonging. Click here to find out more about our diversity and inclusion efforts.
We are an Equal Opportunity Employer - Veterans/Disabled and other protected categories.
Click these links to view the following notices: EEO is the Law poster and supplement ; Employee Rights and Responsibilities under the Family and Medical Leave Act ; Employee Polygraph Protection Act and Pay Transparency Nondiscrimination Provision
Learn more about your life at DB through the eyes of our current employees: https://careers.db.com/life
The California Consumer Privacy Act outlines how companies can use personal information. If you are interested in receiving a copy of Deutsche Bank's California Privacy Notice please email HR.Direct@DB.com .
Deutsche Bank Benefits
At Deutsche Bank, we recognize that our benefit programs have a profound impact on our colleagues. That's why we are focused on providing benefits and perks that enable our colleagues to live authenti-cally and be their whole selves, at every stage of life. We provide access to physical, emotional, and financial wellness benefits that allow our colleagues to stay financially secure and strike balance between work and home. Click here to learn more!
#LI-HYBRID
#LI-REMOTE
#LI-ONSITE
Our values define the working environment we strive to create - diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.
We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.
Visit Inside Deutsche Bank to discover more about the culture of Deutsche Bank including Diversity, Equity & Inclusion, Leadership, Learning, Future of Work and more besides.
We are an Equal Opportunity Employer - Veterans/Disabled and other protected categories. Click these links to view the following notices: EEO is the Law poster and supplement ; Employee Rights and Responsibilities under the Family and Medical Leave Act ; Employee Polygraph Protection Act and Pay Transparency Nondiscrimination Provision .
