Information Security Specialist

We are looking for a knowledgeable Information Security Specialist to operate as a member of the Chief Security Office (CSO) Third Party Security team (TPS). As an Information Security Specialist, you will be responsible for supporting the development, execution, and maintenance of Deutsche Bank’s information security strategy and program under the management of the CSO. You will work in strategic alignment and partnership with Deutsche Bank’s vendor risk management program under Third Party Management (TPM). 

Responsibilities: 

• Support and coordinate Vendor Information Security Review processes, track vendors and services, escalate issues, when necessary, negotiate with vendor security, and legal team on the contractual security obligations 

• Assist with compliance and risk assessment programs which support corporate wide security programs, and participate in additional key control projects related to the overall enhancement of the assessment function 

• Conduct Risk evaluation and business impact analysis of the identified gaps, and provide comprehensive documentation of the identified gaps 

• Review vendor policies related to Information Security, comparison, and gap analysis to the Deutsche Bank security requirements 

• Track vendors and services, escalate issues when necessary, negotiate with vendor security and legal team on the contractual security obligations 

• Formulate remediation recommendations, and actively work with vendors and project managers on Information Security related findings to resolve issues as quickly as possible to help build and strengthen the relationship 

Skills: 

• Knowledge of technical and organizational controls regarding Information Security, and Risk Management principles   

• Experience with ISO27001 standard and current industry and agency standards, best practices and frameworks including NIST, ENISA, ISO27001, ISO27017, SOC2, SoX, PCI, and MITRE ATT&CK 

• Understanding of Governance Risk and Control (GRC) tools, services, frameworks, and best practices 

• Experience with standardized assessment programs such as the Cloud Security Alliance (CSA), Cloud Controls Matrix (CCM), and CSS Consensus Assessment Initiative Questionnaire (CAIQ), Shared Assessment Program (SIG), etc will be an added advantage. 

• Understanding of financial regulations which impact information security. 

Well-being & Benefits 

• We offer competitive health and wellness benefits, empowering you to value life in and out of the office 

• Active engagement with the local community through Deutsche Bank’s specialized employee groups 

• An environment that encourages networking and collaboration across functions and businesses 

• A rewarding work: we offer a purpose, a competitive income and promotions based on performance 

• Managers that empower your ideas and your decision-making abilities. You’re encouraged to show your good vibe, determination, and open mindedness 

• A professional, passionate, driven, but at the same time fun workplace. It is also flexible, including Work from Home opportunities] 

• Medical providers to choose from with premium benefits for you and your loved ones 

• The better you feel, the better you work. We nurture you with highly modern office that includes plenty of fun and relaxing areas to boost your creativity. We also facilitate copiously retailer discounts, cultural and CSR activities, employee sport clubs, workshops & more.