Full Description + Application Link

Job ID:R0274082     Full/Part-Time: Full-time
Regular/Temporary: Regular     Listed: 2024-10-15
Location: Cary
Position Overview

Job Title Information Security Expert – Cloud Security Engineering

Corporate Title Assistant Vice President

Location Cary, NC

Who we are

In short – an essential part of Deutsche Bank’s technology solution, developing applications for key business areas.

Our Technologists drive Cloud, Cyber and business technology strategy while transforming it within a robust, hands-on engineering culture. Learning is a key element of our people strategy, and we have a variety of options for you to develop professionally. Our approach to the future of work champions flexibility and is rooted in the understanding that there have been dramatic shifts in the ways we work.

Having first established a presence in the Americas in the 19th century, Deutsche Bank opened its US technology center in Cary, North Carolina in 2009. Learn more about us here.

Overview

Deutsche Bank has a major business and technology program to adopt public cloud services, including a ten-year partnership with Google. The Bank’s security team established a Cloud Security Enablement program to embed security into its cloud environments and integrate into its overall range of information security capabilities. Within Cloud Security Enablement, our team focuses on Cloud Security Engineering and specializes in developing in-cloud security controls (guardrails) using infrastructure-as-code, policy-as-code techniques, and a mix of cloud-native and third-party solutions. We are looking for an information security expert in Cloud Security Engineering to analyze and specify how to secure cloud services in Google Cloud Platform and Azure, and to help the Bank innovate and adopt public cloud at scale, while protecting its data. You’ll need to have a blend of security, engineering, and cloud skills, and a passion for cloud security.

What We Offer You

    A diverse and inclusive environment that embraces change, innovation, and collaboration

    A hybrid working model with up to 60% work from home, allowing for in-office / work from home flexibility, generous vacation, personal and volunteer days, a commitment to Corporate Social Responsibility

    Employee Resource Groups support an inclusive workplace for everyone and promote community engagement

    Access to a strong network of Communities of Practice connecting you to colleagues with shared interests and values

    Competitive compensation packages including health and wellbeing benefits, retirement savings plans, parental leave, and family building benefits, educational resources, matching gift and volunteer programs

What You’ll Do

    Analyze the security features and needs of cloud services that have been requested by the Bank’s application developer community, based on vendor documentation and your own hands-on experimentation

    Specify security rules for guardrails that can be enforced both at build time (during the Continuous Integration/Continuous Deployment (CI/CD) pipeline) and at run time (to detect deviations from policy), using third party and cloud-native tooling

    Identify other security-enforcing measures that are needed to make the cloud services safe to use, and work with the owners of those solutions to plan the implementation

    Clearly document your analysis, any residual risks that you have identified, and the implementation plan for controls; and present this to stakeholders for their review and agreement

    Collaborate with other engineers to ensure specifications are implemented in policy-enforcing tools, and contribute to the team’s tooling strategy, and act as an internal expert in the security features of cloud services, to advise other teams on options for improving and maintaining security; contributing to or reviewing architectural reference documents for those cloud services

    Periodically revisit the analysis and guardrail specification of past services, to take account of changes made by the vendor, and how the Bank’s developers want to use the services

Skills You’ll Need

    Experience in information security and public cloud technologies

    Understanding of Google Cloud Platform or Microsoft Azure, with the ability to go hands-on to investigate the platforms’ security features

    Exposure to current development techniques such as agile, CI/CD pipelines, Terraform

    Awareness of cloud security products such as Cloud Security Posture Management tools with the ability to write and explain your ideas in a very clear and concise way, tailoring your style to the knowledge of the audience

    Understanding of an international, complex, matrix-management organization and working with audit, control, and risk functions in a regulated organization

Skills That Will Help You Excel

    Excellent communication skills, both written and spoken

    Passionate about Information Security and Cloud Security Engineering

    Self-motivated

    Self-starter

Expectations

It is the Bank’s expectation that employees hired into this role will work in the Cary office in accordance with the Bank’s hybrid working model.

Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion.

The salary range for this position in Cary is $100,000 - $142,250. Actual salaries may be based on a number of factors including, but not limited to, a candidate’s skill set, experience, education, work location and other qualifications. Posted salary ranges do not include incentive compensation or any other type of remuneration.