Responsibilities:

• To accept the ownership and responsibility for the information security of the assigned IT Assets.
• To carry out the Information Security Risk and Compliance Assessments for the assigned IT Assets and processes.
• To remain fully trained and skilled by completing the required Information Security training provided by CSO or as requested by the Principal TISO or the Divisional TISO.
• To provide guidance to key role holders such as ITAOs and ISOs to develop a secure environment by evaluating the IT Security requirements as early as possible in the system development life cycle to select the applicable information security controls for implementation. 
• To approve the access control and user authorization setup of the assigned IT Assets. To execute and document periodical recertification of access rights in compliance with the DB Group Identity and Access Processes.
• To ensure that the necessary Information Security controls are implemented, influences IT risk & control-related policies/standards and provide feedback as subject matter expert. (Co-) Design implementation measures and oversee their implementation.
• To cooperate with key role holders such as ITAOs and ISOs to put monitoring capabilities for IT Assets in place. To review the output of the monitoring jointly with the key role holders such as ITAOs and ISOs to avoid degradation of the required security level.
• To analyse and review the configuration of IT Assets where required and to advise on the remediation of gaps according to the applicable Information Security policies.
• To contribute to the Information Security Incident Management Process in the case of a security breach for their IT Assets, if requested.
• To maintain the Information Security related documentation of assigned IT Assets in the DB Group IT Asset inventory.

Must have:

• Masters Degree from an accredited college or university (or equivalent Diploma) preferred
• CISM (Certified Information Security Manager) or CISSP (Certified Information Systems Security Professional) or CISA (Certified Information Systems Auditor)
• 6-Sigma Green Belt (Minimum) - Black Belt (Preferred)

Experience:

• 5 years' experience (or comparable track record) in risk and compliance management
• 5 years expert knowledge in a minimum two and experience in all of the following fields: operational risk management, regulatory program management, information security, data protection, quality management (CMMI or ITIL or 6-Sigma) or IT development.
• Excellent analytical skills to evaluate problem, root cause and resolution
• Well proven influencing skills in a multi-cultural and globally matrixed organizations
• Experience in translation of very complex topics in clear and crisp messages/ visions
• Fluent in English (written/verbal)

Education:

• Masters Degree from an accredited college or university (or equivalent Diploma) preferred
• CISSP (Certified Information Systems Security Professional) or equivalent
• CCSP - Certified Cloud Security Professional (preferred)
• Operating System Certification

Nice to have:

• German (optional)