Non-Financial Risk Management Information Security Expert - Vice President
Position Overview
Job Title: Non-Financial Risk Management Information Security Expert
Corporate Title: Vice President
Location: Jacksonville, FL
Overview
As an Information Security Specialist, you join the Non-Financial Risk Management team in Jacksonville, reporting to the Americas Head of Technology Risk. Deutsche Bank applies a three Lines of Defense (LoD) model to manage its financial and non-financial risks. Within this approach, the second LoDs define and maintain an effective risk management framework for their risk types, with minimum control standards and a related governance structure. CSO Coverage personnel should have an in-depth knowledge of the various cyber and information security technologies and their application in large financial institutions. Maintaining subject matter expertise is considered critical in the current environment, given external threats and envisaged digital and automation enhancements to the existing operating model, together with the ability to communicate effectively with, and challenge, technical experts as well as senior management.
What We Offer You:
- We offer competitive health and wellness benefits, empowering you to value life in and out of the office
- On-site gym, cafeteria, health center, and communal meeting areas
- Active engagement with the local community through Deutsche Bank's specialized employee groups
- An environment that encourages networking and collaboration across functions and businesses
Hear from our people and look inside our office: DB@The Muse
Your Key Responsibilities:
- Implementing the Group Information Security risk management framework by supporting the definition of and ensuring adherence to established risk appetite
- Ensuring risks are proactively identified and managed
- Providing an effective challenge to the first LoD to ensure completeness and correctness of the Bank's risk profile
- Regulatory engagement and coverage of emerging cyber regulation, such as NYDFS 500 or Brazil Cybersecurity Regulation. Participation in cybersecurity regulatory horizontal reviews (e.g. FRB review on cyber resiliency)
- Ensuring the function fulfills local/legal entity requirements and that these are consistently embedded in the group framework (e.g. US RCA and Capital Planning/CCAR)
- As a member of the global CSO Coverage team, you are also responsible for contributing to regional as well as global projects and maturing the function
Your Skills and Experience:
- University degree (Computer Science, Business Administration, Natural Sciences, or equivalent) with majors in Information Security and/or Risk Management
- Experience in information security (both technical and organizational requirements), ideally with experience in the finance industry, consulting, audit or a technology company
- Working knowledge of relevant assessment frameworks and/or standards (e.g., ISO/IEC 27000 Series, NIST, COBIT5, SOC2) is a plus
- Relevant professional certifications are a plus: e.g. CISSP, CISA, ISO27001 Lead Auditor or similar
- Understanding of risk management principles, experience in risk management and experience in regulatory frameworks for information security is a plus
How You'll Lead:
- Leveraging your information security background to provide ongoing, effective and insightful review and challenge of regional Information Security risk profile
- Proactively assessing and raising risks, both known and emerging, that warrant further review and reassessment of influence on regional risk profile
- Developing 1LoD CSO senior stakeholder network in region and globally to establish communication channels to maintain a pulse on threat landscape
Our values define the working environment we strive to create - diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.
We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.
We are an Equal Opportunity Employer - Veterans/Disabled and other protected categories. Click these links to view the following notices: "EEO is the Law poster" and supplement; Employee Rights and Responsibilities under the Family and Medical Leave Act; Employee Polygraph Protection Act and Pay Transparency Nondiscrimination Provision.