INFSEC Specialist- Assistant Vice President
INFSEC Specialist- Assistant Vice President
Job ID: 3174102
Location: McLean, United States of America
Our technology teams are responsible for the bank's entire information technology infrastructure. They develop and maintain the software required to support the bank's business. The teams work closely with the businesses and other infrastructure units to modernise the bank's IT systems to reduce complexity, risk and enable business growth.
With award-winning mobile banking apps and trading systems, our technology helps Deutsche Bank deliver high-quality products to clients. We make sure that the phones and computers work and that emails are delivered - but we also develop solutions that help our people share their knowledge, expertise and passion for our business.
Deutsche Bank sees itself as a technology-driven company that can gain market share with new, cutting-edge ideas. The ambition is to be a leader in the area of digitalisation.
We are making investments into digital technology across all businesses to enhance the client experience, harness the power of data, and strengthen efficiency and controls by increasing automation. We are also collaborating with external partners such as start-ups, FinTechs, and technology specialists worldwide to discover and implement innovative solutions for our clients.
Deutsche Bank has become one of the first financial institutions to establish a professional research and development department, including capabilities such as four innovation labs and the digital factory in Frankfurt.
Join us here, and you'll constantly be looking ahead. We'll look to you to capitalise on new technological trends that can reshape our business and deliver value for our clients, whilst still meeting the demands of customers, regulators and the markets.
Job Title: INFSEC Specialist
Corporate Title: Assistant Vice President
Location: McLean, VA
About Deutsche Bank
We are Germany's leading bank with strong positions in Europe and significant presence in the Americas and Asia Pacific. We're driving growth through our strong client franchise, investing heavily in digital technologies, prioritizing long-term success over short-term gains, and serving society with ambition and integrity. We serve our clients' real economic needs in commercial and investment banking, retail banking and transaction banking, and provide ground-breaking products and services in asset and wealth management. That means a career packed with opportunities to grow and the chance to shape the future of our clients.
This position exists within the Security Architecture team of the CSO group of Deutsche Bank. The team is responsible for developing and enforcing the enterprise security architecture across the Bank. The team develops reference architectures based on policy, regulations, end user requirements and best practices for use across the Bank.
As an IT Security Architect, you will be responsible for secure design of various applications within the Bank using security design patterns that confirm to Deutsche Bank's security policies, standards, procedures and guidelines using a risk-based compliance approach. As a member of the security architecture team, will facilitate in the understanding and shaping of the end-to-end security strategy, governance, and architecture across IT projects, architectures, and designs. You will provide key contribution into thoughts and ideas for protecting the overall enterprise security of the Deutsche Bank.
- Facilitate the understanding and shaping of the end-to-end security strategy and architecture
- Develop technical cyber security reference architectures aligned to enterprise security architecture elements that set the standards for cyber security technology
- Enhance or articulate overarching security architecture governance across IT projects, architectures, and designs
- Assist in the design decisions proposed by the various design authorities (e.g. project leads and / or project architects) to meet broader organizational security objectives
- Review security design decisions which need to be taken through the development of a target operating model; or as a result of on-going change initiatives
- Enforce compliance of the Bank security program's polices, standards, and procedures as relate to each project
- Evaluate and recommend security technologies and solutions
- Ensure alignment of security technologies used across the Bank
- Research and stay up to date on emerging threats landscape and security controls
- Explore vendor or in house products to address security gaps
- Promote security awareness and educate people at all levels of the Bank
- Identify points of architectural risk in new projects using architectural threat risk assessment and threat modeling techniques
Technical Skills and Certifications:
- Network security
- Application Security
Desirable Skills and Certifications:
- Certification in architecture frameworks such as TOGAF, SABSA, and/or Zachman
- At least one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Systems Manager (CISM
- Comprehension of English
- Experience working in cross-functional teams
- Expected travel for this position is up to 10%
- Supports the development of an environment where people management and development is the number one priority
- Actively supports the business strategy, plans and values, contributing to the achievement of a high performance culture
- Takes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contribution
- Acts as a role model for new employees, providing help and support to facilitate early integration and assimilation of their new environment
- Supports tough people decisions to ensure people performance is aligned with organization imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance
- Working knowledge of security services such as encryption, authentication, and intrusion detection and prevention architectures, Identity & Access Management, application security and network security
- Working knowledge of cloud security SaaS offerings, including Salesforce, Office 365, Workday, etc
- Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
- Familiarity with ISO 27001, 27002, and 27005
- Experience with architecture frameworks such as SABSA, Zachman, or TOGAF
- Experience with information security governance in an enterprise setting
- Familiarity with cyber security architecture using trusted computing model
- Security auditing to include knowledge of financial industry regulations: Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), and Federal Financial Institutions Examination Council (FFIEC), Monetary Authority of Singapore (MAS)
- Experience in using threat modeling techniques such as Microsoft Threat Modeling Process (STRIDE/DREAD), Trike, AS/NZS 4360:2004, CVSS, OCTAVE
- Bachelor's degree in Computer Science, Computer Engineering, or Information Systems (required)
- Experience in the field of IT Security, Information Assurance, or IT Auditing
For candidates applying for positions in the US:
Deutsche Bank is an Equal Opportunity Employer - Veterans/Disabled and other protected categories. Click these links to view the "EEO is the Law" poster and pay transparency statement.
Meet Some of Deutsche Bank's Employees
Laura coordinates Deutsche Bank’s global efforts to combat criminal behavior by introducing and enforcing important policies and procedures.
Back to top