Job
Description
About The Role :
Job TitleTechnical Information Security Officer, AVP
LocationPune, India
Role Description
Articulate and define the main purpose of the position, addressing the question Why does it exist?It is important to use reflective and action verbs to outline the main position and reason of being of theposition, state the framework or limits within which the position is set, and include the permanent objectives or end-result of the positionProvide an overview of the key result areas of the position
Overall Responsibility
The TISO acts based on the direction of and the tasks assigned by the Divisional TISO. The TISO is typically assigned a set of application software assets and associated databases (IT aspects only), Infrastructure software assets, IT services, hardware assets or IT assets associated with building / facilities.Therefore, the TISO assumes ownership for these assets from an IT Security perspective. The TISO executes all tasks that are assigned to this role based on defined and approved rules and processes
What well offer you
As part of our flexible scheme, here are just some of the benefits that youll enjoy,Best in class leave policy.Gender neutral parental leaves100% reimbursement under childcare assistance benefit (gender neutral)Sponsorship for Industry relevant certifications and educationEmployee Assistance Program for you and your family membersComprehensive Hospitalization Insurance for you and your dependentsAccident and Term life InsuranceComplementary Health screening for 35 yrs. and above
Your key responsibilities
The TISOs responsibilities within the assigned Unit comprise:To accept the ownership and responsibility for the Information Security of the assigned IT assetsTo carry out the IS Risk and compliance assessments for the assigned IT assets and processesTo remain fully trained and skilled by completing the required Information Security training provided by CSO or as requested by the Principal TISO or the Divisional TISOTo provide guidance to key role holders such as ITAOs and IS Officers to develop a secure environment by evaluating the IT Security requirements as early as possible in the system development life cycle to select the applicable Information Security Controls for implementationTo guide ITAOs on the implementation of compensating controls in case of deviations from the applicable Information Security ControlsTo approve the access control and user authorisation setup of the assigned IT assets. To execute and document periodical recertification of access rights in compliance with the DB Group Identity and Access management processesTo ensure that the necessary Information Security Controls are implementedTo cooperate with key role holders such as ITAOs and IS Officers to put monitoring capabilities for IT assets in place Information Security Policy - Deutsche Bank Group For internal use only Page 24To review the output of the monitoring jointly with the key role holders such as ITAOs and IS Officers to avoid degradation of the required security levelTo analyse and review the configuration of IT assets where required and to advise on the remediation of gaps according to the applicable Information Security policiesTo contribute to the Information Security incident management process in the case of a security breach for their IT assets, if requestedTo maintain the Information Security related documentation of assigned IT assets in the DB Group IT asset inventory.Proactively recertify users, groups coming from all such dashboards, perform attestations, security warnings Act as mediator and subject matter expert for business and IT management on information security topics. Demonstrates personal commitment to the Banks values Adheres to Bank Policies and Procedures and drives compliance within the team. Takes ownership for own development and career management, seeking opportunities to develop personal capability and improve performance contribution
People Management
The behaviours provided below should be adopted by all Deutsche Bank employees in relation to their development and management of others.Actively supports the business strategy, plans and values, contributing to the achievement of a high performance cultureTakes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contributionActs as a role model for new employees, providing help and support to facilitate early integration and assimilation of their new environmentSupports tough people decisions to ensure people performance is aligned with organisation imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance
Your skills and experience
Specify the minimum level and type of experience required for the position (e.g. specialised or cross-functional, cross-industry experience, local or international experience)Do not include the number of yearsAlternative possible background can be indicatedConsider the experience required in the following areas:Risk and RegulatoryBusinessLeadershipMIFiD II PositionsEnsure the description outlines the need to possess the necessary knowledge, competence and at least 6 months of experience in a relevant role to meet relevant regulatory and legal requirements.Minimum 9 years working experience on Identity & Access Management, Governance, Risk and Control related topics Basic knowledge technology like Mainframe (COBIT, JCL, DB2), microservice architecture, JAVA, ITIL, ServiceNow, JIRA Good business analyse knowledge of system design, development, implementation, and user support principles and practices Working knowledge about Use recertification process and impact, application security concepts and findings like 2FA, representing application in audits and support ITAOBasic Knowledge on Database Systems, application interactions and server operating systems Working Knowledge around Network Security concept Good communication skills, both written and verbal are fluent in English (written/verbal) Good analytical skills and problem solving abilities
Education/ Qualifications
Define the minimum level and type of education required. If applicable, indicate type of certificate, diploma or degree requiredMIFiD II PositionsConfirm position description contains appropriate Qualification Category. Ensure the description outlines the need to possess the necessary knowledge, competence and experience to meet relevant regulatory and legal requirements.Bachelor of Science degree from an accredited college or university with a concentration in Computer Science or Software Engineering (or equivalent)Proven capabilities / competencies in mitigating the Information Security / Application Governance / IT Control etc.Strong understanding of service delivery and relationship managementProject management, analytical and problem solving skillsEffective communication and strong interpersonal skillsTeam player, highly motivated, practical problem solver
Training and development to help you excel in your career.Coaching and support from experts in your team.A culture of continuous learning to aid progression.A range of flexible benefits that you can tailor to suit your needs.
