Corporate Bank

The first line Tech Risk function for business divisions CB, IB and Ops at Deutsche Bank sits within the Divisional Control Office. CB and IB front-to-back have the largest footprint as a risk bearing function within the banking divisions, and you will be part of a dynamic team which is consistently in demand for providing insights, assessments and managing Information Technology (IT) and Information Systems (IS) risks on behalf of the business.

Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture and has a functional responsibility for providing a central point of oversight over the Risk & Control Assessments (RCA). This includes supporting the business by driving Risk & Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM (2LOD) guidelines. RCA is a key component of the bank's non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks. As part of the team, you will join the Banks journey and contribute towards our strategic goal of managing technology risk within appetite whilst enabling adoption of emerging and new technologies for business growth. This role will specifically perform RCAs as related to the IB business. Knowledge of IB products/operations is a big plus

Your key responsibilities

Collaborate with businesses and support them in conducting Risk & Control Assessments as per NFRM guidelines specifically focusing on Information Security (IS) / Information Technology (IT) risks

Analyze contextual data and relevant data triggers and determine or update risk profile, inherent risk, control environment and residual risk ratings along with supporting rationale, liaising with Risk Types SMEs in their business

Ability to assess impact of control environment on inherent risk along with documentation of qualitative assessment

Participate in 1LoD-led RCA meetings for business to drive the risk discussions, focusing on key or emerging risks that may impact the business

Coordinate with businesses/2LoD and assist in 2LoD challenges

Prepare RCA reports and obtain business sign-offs

Document risk mitigation decisions, if required, with consideration of risk appetite

Deliver high quality Global Governance decks and reporting trends to support senior management

Your skills and experience

CISA/CRISC or relevant security qualifications with experience of Risk & Controls and/or Internal Audit in banking industry covering Information Security (IS) / Information Technology (IT) risks

Experience in SOX/ ISO27001 control framework

Knowledge related to risk management (including conducting Risk & Control Assessments) and corporate banking products, processes and systems preferred, specifically focusing on Information Security (IS) / Information Technology (IT) risks

Proven people management skills with ability to lead activities independently

Strong quantitative and analytical skills required to critically evaluate information for key risk assessments

Strong project management skills and a proactive team partner

Influencing, negotiation skills and stakeholder management expertise

Strong verbal and written communication skills

Proficiency with automating tasks in Excel to improve efficiency a plus, but not mandatory