ITAO - Multifactor Authentication Services - AVP

Job Title: ITAO - Multifactor Authentication Services - AVP

Location: Pune, India

Role Description

• You are working in the team Chief Security Office Identity Authentication Services with focus on Multifactor Authentication products for Online Banking customers of Deutsche Bank globally.
• You will be seen as custodian of the application, the ITAO is that individual in the bank, who is responsible for ensuring that the program and project's objectives are met, the application held is compliant daily, meets the banks standards and somehow drives towards achieving a risk-free security and safeguard for the application.
• You have experience working in dynamic, structured teams and has strong knowledge managing the Technology Risk, Information Security and Infrastructure for our applications.

What well offer you

As part of our flexible scheme, here are just some of the benefits that youll enjoy,

• Best in class leave policy.
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Be familiar with DB Policies.
• Manage Internal and external application audits and Audit issue remediation activities.
• Make sure that infrastructure is compliant and has up-to-date patches. Plan for Application Hardware / Software / License upgrades or migration activities to align to thecompliant platforms. Keep up-to-date DR Test Plan and manage regular DR Tests. Manage application capacity forecasting and monitoring. Manage any IT Security incidents that may occur in the application.
• Make sure that all critical activities in application are monitored and logs are reviewed. Make sure that application code/binaries/facilities are scanned and tested to find security flaws. Make sure that all found flaws are addressed and remediated in time.
• Make sure that all steps in Identity Access Management cycle (on-boarding, recertification, off-boarding) are compliant against DB Policies and application is on-boarded to central tools.
• Identify and manage the risks and issues associated with the application(s) and escalate appropriately.
• Provide Operational Readiness of application. Support compliance on all steps of SDLC process. Make sure that all SDLC controls are green.

Your skills and experience

Bachelors degree in computer science or comparable and at least more than 4 years hands-on experience working in Identity Access Management

• Regular Recertification, in Guardian, Gatekeeper, WebSSo,SSH Access Control, Digital Certificates. Cert Nanny/ dbPKI. Onboarding, and monitoring.

Experience/knowledge in Application Security and Monitoring

• CyberArk, Keystroke Log Reviews. Onboarding, remediation coordination.
• External Vulnerabilities and Internal Vulnerabilities remediation coordination.
• Application Penetration: onboarding, testing, remediation coordination, (Veracode)/VAST: onboarding, remediation coordination.

Experience/knowledge in Audit and Regulatory Internal Compliance

• Group Audit and External Audit and Regulator Support (EY, MAS, SOX).
• RACER and Audit review. NAR and Documentation maintenance; Proactive remediation, Self-Identified Issues.

Experience/knowledge in Infrastructure and Product Logistics

• Disaster Recovery.
• Technology Road Map Compliance. Migration and decommission. Infrastructure Configuration, Design, Procurement.
• Run Architecture - Capacity management. Server, Database Activation.

Knowledge of SDLC and Process Management

• SDLC Governance. Tooling. Onboarding management and issue coordination.
• Incident- and Problem Management, Unplanned maintenance.
• Operational Readiness.

Knowledge in Vendor Management

• VendorRiskManagement assessment.
• Scheduling regular catch-up meeting with vendor

Knowledge in Data Records Management

• Archiving compliance
• GDPR

Language skills: Excellent spoken and written communication skills in English, German language skills welcome.