Job Description

The holder of this role will significantly contribute to

- coordination of regulatory responses and audits

- audit coordiation

- raising, management and closure of internal audit, regulatory and self-identifies issues and ensure timeliness of deliverable

- improve efficiencies during the responses provided to internal and external control functions

- provide guidance, expertise and advisory to internal stakeholders for audit, regulatory response as well as issue lifecycle management

- provide management reporting on finding and audit status and escalate items require attention

- the role holder requires a high degree of independence as well as expertise in audit, regulatory and information security domains.

Additional

Details of the Division and Team:
The Information Security Specialist is responsible for managing specific aspects of Information Security tasks at the Deutsche Bank Group level. The Information Security Specialist monitors and contributes to the implementation of the Information Security strategy together with line management.
Roles within Information Security may cover one or more areas of specialty, e.g. Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.); Information Security (\xe2\x80\x9cIS\xe2\x80\x9d) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.) and IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.)

The Risk Lead Function covering CSO CTO, IS Threat Operations and Office of the CSO is looking for an Information Security Specialist who will support the Risk Lead in managing the risk, audit and regulatory portfolio.

The job plays a vital role to fulfil internal and external control requirements, ensuring transparency around the current risk exposure and guiding the organization within an ever changing regulatory landscape.

This role will require someone with a self starting and independent work attitude. The candidate will perform with minimum supervision the tasks as a risk lead delegate in the APAC region and demonstrate skills as lateral, innovative and creative thinker who can work on multiple tasks in parallel and can cope with tight timelines.

Your key responsibilities:

• Risk Lead Deputy for IS Operations with APAC coverage
• Partner with Embedded Risk Teams, Risk Lead Peers, CSO teams, regulatory engagement groups and Subject Matter Experts
• Issue (Audit and Self Identified) Tracking and Reporting
• Track and guide stakeholders throughout the issue lifecycle from MAP creation up to closure of the finding
• Identify delays in remediation and escalate to management timely to avoid overdue deliverables
• Support stakeholders in solution design and implementation to ensure the solutions meet internal and external requirements
• Risk Advisory for Subject Matter Experts stakeholders
• Help stakeholders to navigate the Policy and Regulatory Landscape
• Support in the identification and creation of SIIs
• Support Risk Initiatives e.g., Internal and External Self-Assessments
• Coordinate regulatory engagement and responses within IS Operations by partnering with internal stakeholders across the APAC region
• Interface with the Internal Audit function during audit engagements, issue remediation and issue closures
• Understand new findings, confirm factual accuracy and verify and challenge the risk ratings
• Support internal stakeholders in the discussions with internal audit
• Act as an escalation point of contact for team members and stakeholders
• Provide technical and risk advice to Senior Management
• Develop presentations for Senior Management on Audit/Regulatory or other related responsibilities.

Your skills and experience:

• Bachelor\xe2\x80\x99s degree in Computer Science, Engineering, Information Security or equivalent
• Minimum of 3 years of IT Security experience.
• CISSP, CISM, CISA and / or CRISC related Certifications
• Working experience in COBIT and ITIL framework.
• Proven and hands on experience in risk and security concepts.
• Regulatory experience within the APAC region.
• A good understanding of security hardening techniques.
• Good analytical skills, with the ability to breakdown complex problems into actionable and understandable steps.
• Ability to communicate IT security issues to other business areas in technical and non-technical language .
• Working experience in project management.

Role is required to be performed on-site at One Raffles Quay. Relevant vaccination requirements may apply.

eFinancialCareers