Dell has flagged the Information Security Senior Analyst (17000xg0) job as unavailable. Let’s keep looking.

Information Security Senior Specialist

Job ID:R0316536Full/Part-Time: Full-timeRegular/Temporary: RegularListed: 2024-03-27Location: Bucharest

Position Overview

Lead Information Security Expert, VP

Chief Security Office is responsible for the creation, maintenance, and implementation of the Information Security Strategy of Deutsche Bank Group. CSO (Chief Security Office) steers the measures derived from the information security strategy and supplies guidance to employees about the identification, development, implementation, and execution of all processes which serve to reduce information security risk, to respond to incidents, and to set up proper policies and standards for information security management.

CSO division, Governance, Risk and Compliance, Universal Governance Control Design team assess the processes and solutions within an assigned security pillar and capability to define the Bank’s Information Security Controls aligning with the Control Objectives to govern and ensure regulatory and organizational requirements of the Bank are satisfied.

As we continue to grow, we are seeking a talented and experienced Information Security Senior Specialist to join our team and play a crucial role in developing and implementing effective security controls. The team is based in Bucharest.

The job holder will be responsible for designing, developing, and implementing robust security controls and measures to safe guard our organization's sensitive information and systems. Working closely with cross-functional teams, including senior stakeholders within our security capability pillars, the Information Security Senior Specialist will assess risks, define security requirements, and design comprehensive controls aligned with industry standards and best practices.

The ideal candidate will have a strong understanding of security frameworks, risk management principles, and emerging threats, and will be able to translate those into practical, scalable security controls.

Task description - Responsibilities

  • In collaboration with the subject matter experts of the assigned security pillar and capability, document processes used by the capability, and define the attributes of IS Controls in alignment with the IS Control Lifecycle Design Principles
  • Working with the process governance stakeholders, identify and understand security requirements and objectives
  • Find pre-requisites of the processes and solutions to function as designed, to develop Information Security Controls tailored to organizational needs and industry standards
  • Execute IS Control Lifecycle steps to achieve stakeholder engagement and review of the proposed IS Controls
  • Act as a competent partner, and challenger to capability stakeholders in the development and evaluation of the process and control change requests
  • Take active role in development, improvement, and implementation of the Bank’s Security Control Framework
  • Communicate openly with management and the internal stakeholders; keep them informed of potential findings and escalate problems/delays accordingly
  • Proactively develop and keep professional consultative working relationships with the CSO function, clients and respective support areas and use a range of approaches to collect relevant information to assess key risks and analyze existing controls to identify vulnerabilities and gaps in the security posture
  • Partner with other divisional teams during IS Control Design and Effectiveness Tests
  • Define or contribute to the development of key operational procedures where necessary
  • Execute day-to-day operational IS control design teamwork and contribute to the delivery of

the team goals.

  • Prepare and present reports, metrics, and dashboards to executive leadership and relevant stakeholders
  • Coach and mentor junior members of the team and act as delegate for Head of UG Control Design Team Lead
  • Stay up to date with the latest security threats, trends, and technologies, and proactively recommend enhancements to security controls.

Requirements:

  • 5-10 years of work experience in the Information Security or Information Technology area with a focus on Governance, Risk, and Compliance and/or IS/IT Audit, preferably in the financial or regulated industry
  • Prior experience working on one or more of the information security domains such as Identity and Access, Security Monitoring, Cloud and Cyber Risk, Data Leakage Management, End User Protection, Cryptography is highly beneficial.
  • Experience in process design, assessment, documentation, or continuous improvement
  • Proven experience in development or assessment of Information Security Controls or Information Security Risks
  • Ability to translate complex technical concepts into clear and concise recommendations for non-technical stakeholders.
  • Experience in global and diverse teams across different time zones and within a matrix environment
  • Demonstrated ability to lead projects and initiatives independently
  • Excellent communication and interpersonal skills, with the ability to collaborate effectively across all levels of the organization. Fluent in English.
  • Professional / industry recognized certifications (e.g. CISM, CGEIT, CGRC, CISA, CCSP, CISSP, OSCP) preferred
  • Strong understanding of cyber security standards (e.g., NIST, OWASP, ISO27001, CCA CCM) and knowledge of the regulatory environment in the financial sector are highly beneficial
  • Knowledge of IS threat analysis and frameworks (e.g., MITRE ATT&CK Framework) preferable
  • University degree in Computer Science / (Commercial) Information Technology or equivalent qualification

Our values define the working environment we strive to create – diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.

We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.

Visit Inside Deutsche Bank to discover more about the culture of Deutsche Bank including Diversity, Equity & Inclusion, Leadership, Learning, Future of Work and more besides.

Read Full Description
Confirmed 10 hours ago. Posted 10 hours ago.

Discover Similar Jobs

Suggested Articles