Tdi - Information Security Analyst - Avp

**Details of the Division and Team**:
The Information Security Analyst is responsible for supporting the execution of the Information Security strategy. The Information Security Analyst provides data and analysis to measure the effectiveness of Information Security controls across group wide products and services. The Information Security Analyst identifies and evaluates potential areas of Information Security threats by assessing the probability and impact, and facilitates feedback for mitigation.

**What we will offer you**:
A healthy, engaged and well-supported workforce is better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That’s why we are committed to providing an environment with your development and wellbeing at its center.

**You can expect**:

- Flexible benefits plan including virtual doctor consultation services
- Comprehensive leave benefits
- Gender Neutral Parental Leave
- Flexible working arrangements
- 25 days of annual paid leave, plus public holiday & Flexible Working Arrangement

**Your key responsibilities**:

- Conducting Information Security Third Party assessments as part of the overall Third-Party Management process
- Identification of security gaps against DB’s information security control framework
- Describing security risks related to identified gaps
- Performing Gap Analysis of Third Party Info Sec implementations against DB control standard
- Explanation of potential remediation steps for identified risks
- Constant communication with involved stakeholders (within in the Bank and outside)
- Providing guidance to stakeholder within and outside the Bank.
- Provide response and necessary artifacts for Regulatory queries across globe.
- Supporting the team to improve the overall control framework (e.g. new controls, enhancement of existing controls)

**Your skills and experience**:

- 5 years of experience in information security in the banking industry
- Proven experience in Information Security, IT Security, and Physical Security (both technical and organizational controls)
- Understanding of financial regulations or guidance’s which impact information security i.e.: GDPR, NYDFS, SoX, EU Cybersecurity Act, MAS & HKMA TRM
- Experience with Shared Assessment Program (SIG), Cloud Security Alliance(CSA) Cloud Controls Matrix CCM/CSA Consensus Assessments Initiative Questionnaire (CAIQ)
- Experience in reporting including definition of metrics and data sources
- Experience in Third Party Management processes
- Solid understanding of Risk Management principles
- Experience in IT Security and Information Security (both technical and organizational controls)
- Understanding of banking industry and services to be able to evaluate impact of security risks is beneficial
- Ability to explain, document and present information security risks in a clear, concise, and understandable manner at levels in the bank/ third-parties.
- Highly proficient in MS Office Suite - Microsoft Word, Excel, PowerPoint, etc. for reporting purposes
- Knowledge & experience:

- Experience in Third Party Management processes
- Solid understanding of Risk Management principles
- Experience in reporting including definition of metrics and data sources
- Experience with ISO27001 standard
- Additional general understanding of current agencies and industry standards, best practices, and/or frameworks i.e.: NIST, ENISA, ISO27001, SOC2, PCI, MITRE ATT&CK etc
- Experience with Shared Assessment Program (SIG), Cloud Security Alliance(CSA) Cloud Controls Matrix CCM/CSA Consensus Assessments Initiative Questionnaire (CAIQ), and methodologies or questionnaires

Role is required to be performed on-site at One Raffles Quay office. Relevant vaccination requirement applies

**How we’ll support you**:

- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs
- Training and development to help you excel in your career
- Coaching and support from experts in your team

**About us and our teams**:
Deutsche Bank is the leading German bank with strong European roots and a global network. click here to see what we do.

**Deutsche Bank & Diversity**

Our values define the working environment we strive to create - diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.