Job Description

:

Details of the Division and Team:

As a Risk specialist you join the Non-Financial Risk Management (NFRM) team in Singapore to manage Information Security risk type in the second line of defense (2LoD) function in Asia Pacific (APAC). This role reports to the Regional Head of Information Security Risk (ISR) in APAC, with NFRM being an independent risk function reporting globally to the Group Chief Risk Officer and locally to the APAC Chief Risk Officer.

Deutsche Bank applies a three Lines of Defense (LoD) model to manage its financial and non-financial risks. In this model, the second LoDs define and maintain an effective risk management framework for their risk types with minimum control standards and a related governance structure.

What we will offer you:

A healthy, engaged, and well-supported workforce are better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That\xe2\x80\x99s why we are committed to providing an environment with your development and wellbeing at its center.

You can expect:

Flexible benefits plan including virtual doctor consultation services

Comprehensive leave benefits

Gender Neutral Parental Leave

Flexible working arrangements

25 days of annual paid leave, plus public holiday & Flexible Working Arrangement

Your key responsibilities:

Information Security specialist should have an in-depth knowledge of Technology and Information Security in large financial institutions and managing associated risks. Maintaining subject matter expertise is critical in the current environment, based on external threats and ongoing digital and automation enhancements to the operating model. Understanding of evolving regulatory requirements on Cyber Security and impact assessment on the Bank are required.

Information Security Specialist needs to effectively communicate and challenge technical experts as well as senior management.

Supporting the Regional Head and contribute to all activities performed in APAC region as the 2LoD for Information Security risk.

Work with stakeholders in 1LoD to support implementation of the Information Security risk management framework. Providing an effective, independent review and challenge to ensure completeness and correctness of the Bank\xe2\x80\x99s risk profile.

Lead and contribute to control assessments and mitigation initiatives relating to ISR including dynamic Risk and Control Assessments (RCA), deep-dives, and Scenario exercises.

Participating in review and challenge of Information Security controls in key transformation programmes such as Cloud adoption, digitalization, and others, across the core infrastructure as well as in business lines.

Ensuring risks are proactively identified, reported, and managed; and contributing to adoption of advanced tools and analytical capabilities for effective risk management and reporting.

Developing relationships with stakeholders in NFRM (Divisional and Country Coverage, other Risk Type Controllers); in the first LoD such as Group Chief Security Office (CSO), Divisional Chief Information Security Officers (D-CISO) and Embedded Risk Teams (ERT); and with other control functions such as Compliance.

Working closely with the global ISR team members (in Germany, America, and UK) and contributing to regional and global projects.

Audit and Regulatory engagement and representing ISR in internal governance councils / committees, with Group Audit (3LoD) and regulators as required.

Your skills and experience:

Minimum of 5 years\xe2\x80\x99 experience in a risk management function within an investment bank, consultancy or large technology company advising on Information security and Technology risks. Possess professional industry certifications such as CISSP, CCSP, CCSK, CISA or CISM or equivalent. Proven knowledge of Cloud architecture and experience in managing Information Security and Technology risks in a Cloud set-up such as digital transformation, cloud security, migration, cloud adoption Proven knowledge of relevant assessment frameworks and/or standards (e.g., ISO/IEC 27000 Series, NIST, COBIT, SOC2).

Proven experience and knowledge of risk management principles and regulatory guidelines and frameworks for Information Security in Asia Pacific.

University degree (Computer Science, Business Administration, or equivalent).

Role is required to be performed on-site at One Raffles Quay office. Relevant vaccination requirement applies

How we\xe2\x80\x99ll support you:

Flexible working to assist you balance your personal priorities

Coaching and support from experts in your team

A culture of continuous learning to aid progression

A range of flexible benefits that you can tailor to suit your needs

Training and development to help you excel in your career

About us and our teams:

Deutsche Bank is the leading German bank with strong European roots and a global network to see what we do.

Deutsche Bank & Diversity

Our values define the working environment we strive to create \xe2\x80\x93 diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.

We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.

Click to find out more about our diversity and inclusion policy and initiatives.

Deutsche Bank