Job Description
Description
The TISO acts based on the direction of and the tasks assigned by the Divisional TISO. The TISO is typically assigned a set of application software assets and associated databases (IT aspects only), Infrastructure software assets, IT services, hardware assets or IT assets associated with building / facilities. Therefore, the TISO assumes ownership for these assets from an IT Security perspective. The TISO executes all tasks that are assigned to this role based on defined and approved rules and processes
What we’ll offer you
As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
Best in class leave policy
Gender neutral parental leaves
100% reimbursement under childcare assistance benefit (gender neutral)
Sponsorship for Industry relevant certifications and education
Employee Assistance Program for you and your family members
Comprehensive Hospitalization Insurance for you and your dependents
Accident and Term life Insurance
Complementary Health screening for 35 yrs. and above
Your Key Responsibilities
The TISO’s responsibilities within the assigned Unit comprise:
To accept the ownership and responsibility for the Information Security of the assigned IT assets
To carry out the IS Risk and compliance assessments for the assigned IT assets and processes
To remain fully trained and skilled by completing the required Information Security training provided by CSO or as requested by the Principal TISO or the Divisional TISO
To provide guidance to key role holders such as ITAOs and IS Officers to develop a secure environment by evaluating the IT Security requirements as early as possible in the system development life cycle to select the applicable Information Security Controls for implementation
To guide ITAOs on the implementation of compensating controls in case of deviations from the applicable Information Security Controls
To approve the access control and user authorisation setup of the assigned IT assets. To execute and document periodical recertification of access rights in compliance with the DB Group Identity and Access management processes
To ensure that the necessary Information Security Controls are implemented
To cooperate with key role holders such as ITAOs and IS Officers to put monitoring capabilities for IT assets in place Information Security Policy – Deutsche Bank Group For internal use only Page 24
To review the output of the monitoring jointly with the key role holders such as ITAOs and IS Officers to avoid degradation of the required security level
To analyse and review the configuration of IT assets where required and to advise on the remediation of gaps according to the applicable Information Security policies
To contribute to the Information Security incident management process in the case of a security breach for their IT assets, if requested
To maintain the Information Security related documentation of assigned IT assets in the DB Group IT asset inventory.
Proactively recertify users, groups coming from all such dashboards, perform attestations, security warnings
Act as mediator and subject matter expert for business and IT management on information security topics.
Demonstrates personal commitment to the Bank’s values
Adheres to Bank Policies and Procedures and drives compliance within the team.
Takes ownership for own development and career management, seeking opportunities to develop personal capability and improve performance contribution
People Management
Actively supports the business strategy, plans and values, contributing to the achievement of a high performance culture
Takes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contribution
Acts as a role model for new employees, providing help and support to facilitate early integration and assimilation of their new environment
Supports tough people decisions to ensure people performance is aligned with organisation imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance
Your Skills & Experience
Minimum 5 years working experience on Identity & Access Management, Governance, Risk and Control related topics
Basic knowledge technology like Mainframe (COBIT, JCL, DB2), microservice architecture, JAVA, ITIL, ServiceNow, JIRA
Good business analyse knowledge of system design, development, implementation, and user support principles and practices
Working knowledge about Use recertification process and impact, application security concepts and findings like 2FA, representing application in audits and support ITAO
Basic Knowledge on Database Systems, application interactions and server operating systems
Working Knowledge around Network Security concept
Good communication skills, both written and verbal are fluent in English (written/verbal)
Good analytical skills and problem solving abilities
Education/Qualifications
Bachelor of Science degree from an accredited college or university with a concentration in Computer Science or Software Engineering (or equivalent)
Proven capabilities / competencies in mitigating the Information Security / Application Governance / IT Control etc.
Strong understanding of service delivery and relationship management
Project management, analytical and problem solving skills
Effective communication and strong interpersonal skills
Team player, highly motivated, practical problem solver
How we’ll support you
Training and development to help you excel in your career
Coaching and support from experts in your team
A culture of continuous learning to aid progression
A range of flexible benefits that you can tailor to suit your needs
