Threat Governance Specialist (f/m/x)

Position Overview

DB Global Technology is Deutsche Bank’s technology centre in Central and Eastern Europe. Since its set-up in 2013, Bucharest Technology Centre (BEX) has constantly proven its capacity to deliver global technology products and services, playing a dynamic role in the Bank’s technology transformation.

We have a robust, hands-on engineering culture dedicated to continuous learning, knowledge-sharing, technical skill development and networking. We are an essential part of the Bank’s technology platform and develop applications for many important business areas.

The Threat Governance Specialist supports the day‑to‑day governance, risk management, coordination, and documentation efforts of the Insider Risk Management (IRM) program. This role focuses on helping maintain controls, processes, and reporting structures that ensure insider‑risk monitoring remains compliant, reliable, ethical, and aligned with business requirements.

This is the ideal role for someone early in their Cybersecurity, Governance Risk and Control (GRC), or Compliance career who is interested in the areas of insider threat governance, data centric security, privacy‑aligned monitoring, risk frameworks, and cross‑functional coordination.

Key Responsibilities:

• Program Governance & Framework:
• Support the Insider Risk Management governance framework, including control requirements, escalation models, and oversight committees.
• Maintain the Insider Risk Assessment, governance documentation, and risk review cycles.
• Track program maturity roadmaps, KPIs, and risk reduction goals.
• Policy Management & Regulatory Alignment:
• Ensure alignment with relevant legal, privacy, and regulatory frameworks (GDPR, ISO 27001, NIST 800‑53, SOC 2, HIPAA, etc.).
• Develop internal standards, processes, and controls to support proactive risk management.
• Maintain documentation for audits, compliance reviews, and senior-management reporting.
• Continuous Improvement:
• Conduct periodic risk assessments and maturity evaluations of the Insider Risk Program.
• Measure effectiveness of controls using KPIs and dashboards; recommend enhancements.
• Evaluate and implement advanced security technologies to improve detection capabilities.
• Cross‑Functional Collaboration:
• Partner with Divisional and Regional Information Security Officers, IT representatives and all other involved parties to ensure reliability, correctness and timeliness of the Insider Risk Management Framework.
• Support governance committees or workgroups focused on risk, security, and compliance.
• Provide subject‑matter expertise for the Insider Risk Management program, such as policy updates, employee lifecycle processes, and IT access governance.
  
  
  

Qualifications:

• Education: Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Risk Management, or equivalent experience.
• Experience:
• 3–7 years of experience in insider threat, cybersecurity governance, SOC, risk management, or related fields.
• Experience with insider risk tools (e.g., Microsoft Purview IRM, SIEM platforms, UEBA solutions, DLP tools).
  
  
  

Skills:

• Strong understanding of data protection, access governance, and compliance frameworks.
• Excellent analytical, investigative, and documentation skills.
• Ability to handle sensitive information with discretion.
• Familiarity with Data Loss Prevention, User and Entity Behavior Analytics, and endpoint security technologies.
• Very good communication skills (especially concerning senior management reporting) and an excellent command of English both written and oral
  
  
  

Relevant certifications: CISM, CISA, CISSP, GIAC Insider Threat (GSIP), CRISC, Security+, or similar are a plus

Well-being & Benefits

Emotionally and mentally balanced: We support you in dealing with life crises, maintaining stability through illness, and maintaining good mental health.

• Empowering managers who value your ideas and decisions. Show your positive attitude, determination, and open-mindedness.
• A professional, passionate, and fun workplace.
• A modern office with fun and relaxing areas to boost creativity.
• Continuous learning culture with coaching and support from team experts.
• A culture where you can openly speak about mental health.
  
  
  

Physically thriving: We support you in managing your physical health by taking appropriate preventive measures and providing a workplace that helps you thrive. For example, Private healthcare and life insurance with premium benefits for you and discounts for your loved ones, healthier ways of working and check-ups.

Socially connected: We strongly believe in collaboration, inclusion and feeling connected to open up new perspectives and strengthen our self-confidence and well-being.

• 24 days holiday, loyalty days, and bank holidays (including weekdays for weekend bank holidays).
• Hybrid working model with 40% remote work.
• Options for flexible working hours.
• Enjoy retailer discounts, cultural and CSR activities, workshops, and more.
  
  
  

Financially secure: We support you in meeting personal financial goals during your active career and for the future.

• Competitive income, performance-based promotions, and a sense of purpose.
• Meal vouchers, bonuses for referrals
  
  
  

Interested in more: discover what our employees value in the Well-being & Benefits hub !

We strive for a Culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank.

We welcome applications from all people and promote a positive, fair and inclusive work environment.

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.