Divisional Risk and Control Analyst - Chief Business Information Security Officer (BISO) Delegate

  • Deutsche Bank
  • Birmingham, United Kingdom
  • Jul 18, 2017
Full time Risk

Job Description

Our Operations group provides support for all of Deutsche Bank’s businesses to enable them to deliver operational transactions and processes to clients.  Our people work in established global financial centres such as London, New York, Frankfurt and Singapore, as well as specialist development and operations centres in locations including Bucharest, Moscow, Pune, Dublin and Cary. We move over EUR 1.6 trillion across the Bank’s platforms, support thousands of trading desks and enable millions of banking transactions, share trades and emails every day.

Our goal is to deliver world-class client service at exceptional value to internal partners and clients. A dynamic and diverse division, our objective is to make sure that all our services are executed in a timely and professional manner, that risk is minimised and that the client experience is positive. We are proud of the professionalism of our people, and the service they deliver. In return, we offer career development opportunities to foster skills and talent.
We work across a wide range of product groups, including derivatives, securities, global finance and foreign exchange, cash and trade loans and trust and securities services as well as cross-product functions.


Position Overview



Job title: Divisional Risk and Control Analyst - Chief Business Information Security Officer (BISO) Delegate
Corporate title: Senior Analyst
Division: Operations
Location: Birmingham


The Divisional Control and Regulatory Office (DCRO) has prime responsibility for managing and proactively mitigating risk across the Chief Operating Office (COO) organisation. The Chief Business Information Security Officer (BISO) team has the ultimate responsibility for the operational aspects of ensuring compliance with the information security principles within COO Operations. The team also acts as the governance lead for Information Security management and is the primary contact for information security relevant matters within COO Operations globally.

As the Chief BISO Delegate you will be responsible for supporting the delivery of the risk and control policies and initiatives for COO Operations. This includes participation in risk and control activities, investigating violations, data leakage incidents, client confidentiality breaches, trend analysis and reporting, recertification cycles, incident research, remediation and other ‘ad hoc’ control initiatives and projects. You will work closely with teams inside and outside the division to understand risks impacting the group.

Key responsibilities:

  • Supports the Chief BISO team in implementing an appropriate Information Security Management System (ISMS) for COO Operations business division.
  • Ensures appropriate documentation of applied methodologies, processes and activities regarding management of Information Security. This should include identified and assessed risks as well as risk mitigation measures.
  • Ensures appropriate Segregation of Duty (SoD) rules are implemented/recertified for all critical applications and represents Chief BISO at lead Chief Information Security Office (CISO) SoD governance forums on such topics.
  • Manages and delivers Information Security projects mandated by CISO and business where applicable.
  • Ensures appropriate Information Security exception management and approvals for COO Operations.
  • Acts as mediator and subject matter expert for business and IT management on information security topics.
  • Facilitates regular communication and cooperation with all relevant stakeholders and functions such as the Business Information Security Officers, Technical Information Security Officers, IT Asset owners as well as the CISO delivery and governance functions.

Skills and Qualifications:

  • Ability to manage multiple work streams
  • Inquisitive and probing approach to problem solving and general assessment
  • Ability to identify process inefficiencies, suggest improvements and implement where feasible
  • Knowledge and experience of implementing/auditing ISO27001 controls is beneficial
  • Risk and Control, Audit and/or Financial Services experience preferred
  • Excellent communication (both oral and written), numerical and analytical skills essential
  • Excellent stakeholder management at all levels of seniority
  • Strong analytical skills with ability to define, collect, analyse data, establish facts, draw valid conclusions, and make fact-based decisions
  • Knowledge of one or more of the following Information Security processes is beneficial, e.g. Identity and Access management, Information Security Incident and Problem Management, Information Security Governance for business and technology
  • Ability to work in a fast-paced environment and keep pace with technical/operational innovation
  • Open-minded, willing to learn and run with new projects
  • Educated to degree level or equivalent experience

Deutsche Bank is an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital / civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality and ethnic or national origin, colour, sexual orientation or disability.

Please let us know if you require any adjustments to enable you to apply or attend an interview. If you would like to discuss your requirements, or have any concerns about the application process, please contact your recruiter.