Cro - Non-financial Risk Management, Risk

**Details of the Division and Team**:
As a Risk specialist you join the Non-Financial Risk Management (NFRM) team in Singapore to manage Information Security risk type in the second line of defense (2LoD) function in Asia Pacific (APAC). This role reports to the Regional Head of Information Security Risk (ISR) in APAC, with NFRM being an independent risk function reporting globally to the Group Chief Risk Officer and locally to the APAC Chief Risk Officer.

Deutsche Bank applies a three Lines of Defense (LoD) model to manage its financial and non-financial risks. In this model, the second LoDs define and maintain an effective risk management framework for their risk types with minimum control standards and a related governance structure.

**What we will offer you**:
A healthy, engaged, and well-supported workforce are better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That’s why we are committed to providing an environment with your development and wellbeing at its center.

**You can expect**:

- Flexible benefits plan including virtual doctor consultation services
- Comprehensive leave benefits
- Gender Neutral Parental Leave
- Flexible working arrangements
- 25 days of annual paid leave, plus public holiday & Flexible Working Arrangement

**Your key responsibilities**:
Information Security Specialist needs to effectively communicate and challenge technical experts as well as senior management.
- Supporting the Regional Head and contribute to all activities performed in APAC region as the 2LoD for Information Security risk.
- Work with stakeholders in 1LoD to support implementation of the Information Security risk management framework. Providing an effective, independent review and challenge to ensure completeness and correctness of the Bank’s risk profile.
- Lead and contribute to control assessments and mitigation initiatives relating to ISR including dynamic Risk and Control Assessments (RCA), deep-dives, and Scenario exercises.
- Participating in review and challenge of Information Security controls in key transformation programmes such as Cloud adoption, digitalization, and others, across the core infrastructure as well as in business lines.
- Ensuring risks are proactively identified, reported, and managed; and contributing to adoption of advanced tools and analytical capabilities for effective risk management and reporting.
- Developing relationships with stakeholders in NFRM (Divisional and Country Coverage, other Risk Type Controllers); in the first LoD such as Group Chief Security Office (CSO), Divisional Chief Information Security Officers (D-CISO) and Embedded Risk Teams (ERT); and with other control functions such as Compliance.
- Working closely with the global ISR team members (in Germany, America, and UK) and contributing to regional and global projects.
- Audit and Regulatory engagement and representing ISR in internal governance councils / committees, with Group Audit (3LoD) and regulators as required.

**Your skills and experience**:

- Minimum of 5 years’ experience in a risk management function within an investment bank, consultancy or large technology company advising on Information security and Technology risks.
- Possess professional industry certifications such as CISSP, CCSP, CCSK, CISA or CISM or equivalent.
- Proven knowledge of Cloud architecture and experience in managing Information Security and Technology risks in a Cloud set-up such as digital transformation, cloud security, migration, cloud adoption
- Proven knowledge of relevant assessment frameworks and/or standards (e.g., ISO/IEC 27000 Series, NIST, COBIT, SOC2).
- Proven experience and knowledge of risk management principles and regulatory guidelines and frameworks for Information Security in Asia Pacific.
- University degree (Computer Science, Business Administration, or equivalent).

Role is required to be performed on-site at One Raffles Quay office. Relevant vaccination requirement applies

**How we’ll support you**:

- Flexible working to assist you balance your personal priorities
- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs
- Training and development to help you excel in your career

**About us and our teams**:
Deutsche Bank is the leading German bank with strong European roots and a global network click here to see what we do.

**Deutsche Bank & Diversity**

Our values define the working environment we strive to create - diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.