Technology Risk Manager - Vice President

About The Role :Job Title:

Technology Risk Manager, Vice President

Location:Pune, India

Role Description

Deutsche Banks Corporate Bank division is a leading provider of cash management, trade finance and securities finance. We complete green-field projects that deliver the best Corporate Bank - Securities Services products in the world. Our team is diverse, international, and driven by shared focus on clean code and valued delivery. At every level, agile minds are rewarded with competitive pay, support, and opportunities to excel.



You will work as part of a cross-functional agile delivery team. You will bring an innovative approach to software development, focusing on using the latest technologies and practices, as part of a relentless focus on business value. You will be someone who sees engineering as team activity, with a predisposition to open code, open discussion and creating a supportive, collaborative environment. You will be ready to contribute to all stages of software delivery, from initial analysis right through to production support.

You will be joining the Corporate Bank (CB) Technology Risk and Control team as a senior technology risk manager (also known as embedded risk team lead). The Risk and Control team ensures that the Bank's control priorities are effectively implemented across CB Technology. The team's mission is to reduce the organization's technology risk exposure by monitoring and reporting on implementation of key controls, ensuring appropriate and timely resolution of risk issues, and participating in, and testing of, the design of controls. We are looking for an Information Security specialist to join our Embedded risk team and will be responsible for Information Security related Audit Management, Regulatory Engagement, Control Uplift remediations and overall ensuring security controls are implemented effectively and sustainably. You will be responsible for supporting one or more CIO-1 portfolios in managing audit/regulatory/self-identified findings, participating in regulatory and audit exams, monitoring stakeholders compliance with key risk indicators, and ensuring controls are implemented effectively and sustainably. Your role will be integral in supporting the front-line management in identifying and assessing/measuring risks, determining remediation plans, monitoring levels of risk, and implementation of remediation. You will work directly with CIO-1s, the CB Technology Chief Risk Officer, senior technology management, business and operations stakeholders, regulatory management, and other embedded risk teams. In addition, you will advise about information security (IS) issues as they relate to findings management, key risk indicators, control uplift programs and audit/regulatory exams.

What we'll offer you

As part of our flexible scheme, here are just some of the benefits that youll enjoy

Best in class leave policy

Gender neutral parental leaves

100% reimbursement under childcare assistance benefit (gender neutral)

Sponsorship for Industry relevant certifications and education

Employee Assistance Program for you and your family members

Comprehensive Hospitalization Insurance for you and your dependents

Accident and Term life Insurance

Complementary Health screening for 35 yrs. and above

Your Key Responsibilities:

Partner with and support CIO-1 areas in risk management and control implementation. Partner with portfolio owners and audit/regulatory/self-identified issue finding owners to ensure overall risk posture for the area is improved.

Will be responsible for Information Security controls and will partner with CIO teams and finding owners to ensure overall risk posture for the area is improved. Able to liaise with senior management and regulators on reporting of project milestones, key deliverables, and credibility to obtain key stakeholder sign offs. Will partner closely with technology stakeholders and business stakeholders in the development and execution of Risk Framework.

Support CIO-1 portfolio(s) in managing audit/regulatory/self-identified findings to ensure appropriate and timely resolution of risks/gaps in controls, and resolve non-compliance with Bank policies, procedures and processes and non-compliance with regulations and laws. Review and revise findings lifecycle event documentation.

Participate in, and coordinate with technology stakeholders, on internal and external audit and regulatory exams

Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified technology issues

Support application teams in control implementation requirements

Ensure risk remediation programs are initiated and executed. Design and implement processes to test effectiveness and sustainability of technical controls.

Develop strategies for reducing the risk exposure of CIO-1 portfolio(s), including preparedness of critical applications for audit and regulatory exams and working with application owners to address and prevent common risk issues

Assist application owners and other technology stakeholders in identifying and documenting risks and developing remediation

Tracking and reporting on CIO-1 portfolio(s) key risk indicators (KRI) and control uplift programs. Assisting application owners in developing plans to ensure compliance with KRIs and close control gaps.

Ensure risk remediation programs are initiated and executed in line with the Banks policies, procedures and standards.

Work with the application teams and control owners to identify and resolve potential issues in control design. Advise on effectiveness metrics, ensure control design includes proper evidence, and provide input to the design and effectiveness of centrally provided tooling.

Advise on information security controls and related IS control uplift programs. Liaise with IS control owners about exceptions and issues across CB Technology. Recommend solutions to ensure compliance with IS controls and KRIs.

Your Skills and Experience:

Excellent communication skills, both written and verbal to present ideas and concepts effectively

Knowledge of security concepts including security risk and NIST

Certification CISSP or CISSM preferred

Minimum 10 years expertise with atleast 5 years as an Information Security expert.

Relevant experience in technology risk management, risk advisory and audit management; prefer experience in information security controls, concepts and risks

Experience with testing technology controls

Control design skills and technical skills, particularly related to the testing of technology controls and processes

Experience in assessing risk, writing issues, and developing appropriate corrective actions

Excellent analytical and investigatory skills to identify underlying technology issues and

demonstrate viable solutions and problem solving

Prefer technical background (application development, infrastructure engineering, etc.)

Prefer experience in evaluating the adequacy and effectiveness of security policies and procedures

How Youll Lead:

Partner closely with technology and business stakeholders in the development and execution of the Banks risk framework

Promote proactive risk culture and sustainability of controls to technology stakeholders to help improve overall risk posture for the area

Liaise with senior management, audit and regulators on reporting of project milestones and key deliverables

How we'll support you

Training and development to help you excel in your career

Coaching and support from experts in your team

A culture of continuous learning to aid progression

A range of flexible benefits that you can tailor to suit your needs