Description
Job Description:
Position: Information Security Analyst
Functional Title: IS Analyst
Corporate Title: Sr. Analyst
Location : Mumbai
Position Description
IB Divisional CISO (D-CISO) Office:
The IB Divisional CISO has the ultimate responsibility for the operational aspects of ensuring compliance to Deutsche Bank's Information Security Principles. The Divisional CISO Office supports the Div. CISO in this task.
In this role the candidate will assist all of our business divisions by evaluating and mitigating information security risks in order to meet both audit and regulatory requirements.
Position Specific Responsibilities and Accountabilities
Key Responsibilities:
Central:
• User Access Management: provide recertification support and monitoring for in scope applications. This will include the need to follow up with senior business stakeholders. Coordinate the centralized recertification for applications which are not on-boarded to the banks central solutions
• Unstructured data and Access management (UDAM): take ownership of a number of Access Control lists, ensuring they remain in a compliant status. Assist in analyzing the structure of the ACLs used for access approval and provide suggestions for simplification and consolidation where appropriate
• End User Managed Application (EUMA) Governance and compliance: ensure implementation of controls (Manage EUMA Change Alerts - On-boarding to ESM/ADM; disabling embedded credentials etc.) to avoid any associated potential risks and measure compliance as defined by Global EUMA Governance
• Analyze the root cause for delays or incorrect processing and propose sustainable solutions
• Analyze security exceptions and provide recommendations as to their suitability for approval
• Generate MIS for multiple IS topics and to assist senior management identify risks
• Support the wider D-CISO office and ISO team where required
• Adhoc analysis and presentations
• Ensure all of the D-CISO office and central teams end-to-end processes are documented in a KOD
• Identify areas for improvement in processes in terms of both efficiency and quality
ISO:
• To ensure Information Security risk assessments and compliance evaluations for assigned IT assets are performed
• To provide sufficient information related to the business context, information sensitivity and nature of usage of an application, including identification and implementation of controls for identified Information Security risks in their area of responsibility
• To identify and describe application and business process dependencies (upstream and downstream) for integrity and availability evaluations, including changes
• To agree assessment results and track remediation, including follow-ups and mitigating actions
• To resolve data quality issues pertaining to the application portfolio
• To support Identity and Access management functions with regard to application recertification (including selection and onboarding to central recertification platform), user groups and entitlements including their functional conflicts.
• To cooperate with the D-ISO / D-CISO to address requests for policy interpretation, guidance and advice, to ensure creation of divisional policies in accordance with the IS Policy Governance and to support policy authors by raising questions to the policy advisory team
Education/ Qualifications
Skills Profile:
• Experience as IT and/or IS analyst – ideally in a Banking environment
• Proficiency in Microsoft Office applications (Excel, Word, PowerPoint, etc.)
• Very good communication skills in English (verbal and written) with ability to articulate / engage with Senior stakeholders (a must)
• Strong analytical skills and ability to transform complex issues into efficient solutions
• General Project Management skills
• Desire to work in a fast paced, challenging multi-cultural environment and with ability to work in a global team
• Self-motivated, critical thinking and good understanding of major business and risk processes
Experience/qualifications:
• Good university or post-graduate degree with Information Security, Risk Management and Governance
• Experience in banking industry with a strong sense of accountability and integrity
How we'll support you
• Training and development to help you excel in your career
• Flexible working to assist you balance your personal priorities
• Coaching and support from experts in your team
About us and our teams
Please visit our company website for further information:
Our values define the working environment we strive to create – diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.
We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, ****** orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.
Click to find out more about our diversity and inclusion policy and initiatives