INFSEC Specialist- Assistant Vice President

Deutsche Bank - McLean, VA (30+ days ago)3.9

Job Title: INFSEC Specialist
Corporate Title: Assistant Vice President
Location: McLean, VA

About Deutsche Bank

We are Germany’s leading bank with strong positions in Europe and significant presence in the Americas and Asia Pacific. We’re driving growth through our strong client franchise, investing heavily in digital technologies, prioritizing long-term success over short-term gains, and serving society with ambition and integrity. We serve our clients’ real economic needs in commercial and investment banking, retail banking and transaction banking, and provide ground-breaking products and services in asset and wealth management. That means a career packed with opportunities to grow and the chance to shape the future of our clients.

Role Description

This position exists within the Security Architecture team of the CSO group of Deutsche Bank. The team is responsible for developing and enforcing the enterprise security architecture across the Bank. The team develops reference architectures based on policy, regulations, end user requirements and best practices for use across the Bank.

As an IT Security Architect, you will be responsible for secure design of various applications within the Bank using security design patterns that confirm to Deutsche Bank's security policies, standards, procedures and guidelines using a risk-based compliance approach. As a member of the security architecture team, will facilitate in the understanding and shaping of the end-to-end security strategy, governance, and architecture across IT projects, architectures, and designs. You will provide key contribution into thoughts and ideas for protecting the overall enterprise security of the Deutsche Bank.

Role Responsibilities:
  • Facilitate the understanding and shaping of the end-to-end security strategy and architecture
  • Develop technical cyber security reference architectures aligned to enterprise security architecture elements that set the standards for cyber security technology
  • Enhance or articulate overarching security architecture governance across IT projects, architectures, and designs
  • Assist in the design decisions proposed by the various design authorities (e.g. project leads and / or project architects) to meet broader organizational security objectives
  • Review security design decisions which need to be taken through the development of a target operating model; or as a result of on-going change initiatives
  • Enforce compliance of the Bank security program’s polices, standards, and procedures as relate to each project
  • Evaluate and recommend security technologies and solutions
  • Ensure alignment of security technologies used across the Bank
  • Research and stay up to date on emerging threats landscape and security controls
  • Explore vendor or in house products to address security gaps
  • Promote security awareness and educate people at all levels of the Bank
  • Identify points of architectural risk in new projects using architectural threat risk assessment and threat modeling techniques
Technical Skills and Certifications:
  • Network security
  • Application Security
Desirable Skills and Certifications:
  • Certification in architecture frameworks such as TOGAF, SABSA, and/or Zachman
  • At least one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Systems Manager (CISM
Language Required:
  • Comprehension of English
Special Circumstances:
  • Experience working in cross-functional teams
  • Expected travel for this position is up to 10%
People Management:
  • Supports the development of an environment where people management and development is the number one priority
  • Actively supports the business strategy, plans and values, contributing to the achievement of a high performance culture
  • Takes ownership for own career management, seeking opportunities for continuous development of personal capability and improved performance contribution
  • Acts as a role model for new employees, providing help and support to facilitate early integration and assimilation of their new environment
  • Supports tough people decisions to ensure people performance is aligned with organization imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance

Requires Skills:
  • Working knowledge of security services such as encryption, authentication, and intrusion detection and prevention architectures, Identity & Access Management, application security and network security
  • Working knowledge of cloud security SaaS offerings, including Salesforce, Office 365, Workday, etc
  • Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
  • Familiarity with ISO 27001, 27002, and 27005
Optional Skills:
  • Experience with architecture frameworks such as SABSA, Zachman, or TOGAF
  • Experience with information security governance in an enterprise setting
  • Familiarity with cyber security architecture using trusted computing model
  • Security auditing to include knowledge of financial industry regulations: Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), and Federal Financial Institutions Examination Council (FFIEC), Monetary Authority of Singapore (MAS)
  • Experience in using threat modeling techniques such as Microsoft Threat Modeling Process (STRIDE/DREAD), Trike, AS/NZS 4360:2004, CVSS, OCTAVE
  • Bachelor's degree in Computer Science, Computer Engineering, or Information Systems (required)
  • Experience in the field of IT Security, Information Assurance, or IT Auditing

For candidates applying for positions in the US:

Deutsche Bank is an Equal Opportunity Employer - Veterans/Disabled and other protected categories.