Job Description: Overview We are looking for a knowledgeable Information Security Specialist to operate as a member of the Chief Security Office (CSO) Third Party Security team (TPS). As an Information Security Specialist, you will be responsible for supporting the development, execution, and maintenance of Deutsche Bank’s information security strategy and program under the management of the CSO. You will work in strategic alignment and partnership with Deutsche Bank’s vendor risk management program under Third Party Management (TPM). What We Offer You: We offer competitive health and wellness benefits, empowering you to value life in and out of the office Active engagement with the local community through Deutsche Bank’s specialized employee groups An environment that encourages networking and collaboration across functions and businesses Return to Office: It is the Bank’s expectation that employees hired into this role will work in the Bucharest Romania office in accordance with the Bank’s hybrid working model Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion Your Key Responsibilities: As a senior manager, lead and manage specialist and complex Third Party Security assessments Responsible for the management of all Third Party Security (TPS) activities in Bucharest (local manager)- staff supervision, performance, service delivery, talent recruitment, development and retention Act as local escalation point for squad assessors and ensure pro-active supervision across assessment activities Pro-actively identify risks, manage risks and develop robust solutions to time critical assessment and stakeholder challenges Act as the EMEA Regional Lead, representing TPS across regional/country meetings and manage regional regulatory an compliance driven activities Take responsibility for specific regional and global initiatives as designated by the Head of Third Party Security Support and coordinate Vendor Information Security Review processes, track vendors and services, escalate issues, when necessary, negotiate with vendor security, and legal team on the contractual security obligations Assist with compliance and risk assessment programs which support corporate wide security programs, and participate in additional key control projects related to the overall enhancement of the assessment function Conduct Risk evaluation and business impact analysis of the identified gaps, and provide comprehensive documentation of the identified gaps Review vendor policies related to Information Security, comparison, and gap analysis to the Deutsche Bank security requirements Track vendors and services, escalate issues when necessary, negotiate with vendor security and legal team on the contractual security obligations Formulate remediation recommendations, and actively work with vendors and project managers on Information Security related findings to resolve issues as quickly as possible to help build and strengthen the relationship Your Skills and Experience: Knowledge of technical and organizational controls regarding Information Security, and Risk Management principles Experience with ISO27001 standard and current industry and agency standards, best practices and frameworks including NIST, ENISA, ISO27001, ISO27017, SOC2, SoX, PCI, and MITRE ATTCK Experience in response and management of regulatory requests and engagements, together with experience in audit/compliance driven exercises Experience in third party/supply chain security assessments Understanding of Governance Risk and Control (GRC) tools, services, frameworks, and best practices Experience with standardized assessment programs such as the Cloud Security Alliance (CSA), Cloud Controls Matrix (CCM), and CSS Consensus Assessment Initiative Questionnaire (CAIQ), Shared Assessment Program (SIG), etc Understanding of financial regulations which impact information security Our values define the working environment we strive to create – diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer. We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation. Visit Inside Deutsche Bank to discover more about the culture of Deutsche Bank including Diversity, Equity Inclusion, Leadership, Learning, Future of Work and more besides. Deutsche Bank provides commercial and investment banking, retail banking, transaction banking and asset and wealth management products and services to corporations, governments, institutional investors, small and medium-sized businesses, and private individuals. Deutsche Bank is Germany’s leading bank, with a strong position in Europe and a significant presence in the Americas and Asia Pacific.