IT Security Analyst, Associate

• The Cryptography Engineering and Solutions team at Deutsche Bank, operating under the Chief Security Office (CSO), defines the bank’s cryptography strategy and provides expert guidance on all crypto-related matters, including audits and regulatory compliance. For the Crypto Infrastructure initiative, we are seeking an IT Security Developer to contribute to strategic programs within Cryptography Engineering and Solutions an Associate Information Security Specialist supporting the design and maintenance of CI/CD pipelines on Google Cloud Platform (GCP), with a focus on cryptographic services and automation.
• We’re looking for a skilled and security-focused developer to join our team with a deep expertise in Java and Python development, a strong understanding of applied cryptography, and hands‑on experience developing, deploying and managing applications on Google Cloud Platform (GCP) using Infrastructure as Code (IaC).

Information Security is responsible for preventing IT‑based crime, hacking, intentional or inadvertent modification, disclosure, or destruction of the organization’s information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders. Roles within Information Security may cover one or more areas of speciality:

• Identity & Access Management (which may include, for example, authentication; access management & control; recertification, etc.)
• Information Security (IS) Operations (which may for example include cyber threat operations, cyber forensics, protection against data leakage, etc.)
• IS Technology (which may include IS architecture, IS engineering, cryptographic services, etc.).

Work includes:

• Identifying and evaluating potential areas of Information Security threat by assessing the probability and impact, and implementing associated mitigations; monitoring and contributing to the implementation of the Information Security strategy.
• Evaluating the adequacy and effectiveness of internal controls relating to Information Security risks.
• Ensuring appropriate procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders.
• Developing appropriate, pragmatic strategies to deliver effective controls and Information Security management objectives and implementation across the bank.
• Managing client relationships and ensuring management focus on the Information Security agenda.

As part of our flexible scheme, here some of the benefits that you’ll enjoy:

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive hospitalization insurance for you and your dependents
• Accident and term life insurance
• Complementary health screening for 35 yrs. and above

• Implement and optimize CI/CD pipelines for application deployment on GCP. Develop automation scripts and tools to streamline operational workflows and reduce manual effort.
• Write clean, maintainable, and well‑documented code for cryptographic components and related integrations.
• Collaborate with cross‑functional teams to translate security requirements into robust technical solutions.
• Troubleshoot and resolve technical issues, ensuring high availability and reliability of cryptographic services.
• Contribute to code reviews, testing, and performance tuning to maintain quality standards.
• Stay updated on emerging cryptography and security technologies and incorporate best practices into development.
• Maintain technical documentation (runbooks, architectural diagrams, standards) to support knowledge continuity and onboarding.
• Participate in incident reviews and improvement actions for security or availability events affecting cryptographic services.

• 5+ years of hands‑on development experience in IT Security or related domains.
• Strong programming skills in Python and Java; experience with scripting for automation and integration.
• Familiarity with Infrastructure as Code (IaC) tools such as Terraform (highly advantageous).
• Working knowledge of cloud platforms like AWS, GCP, or Azure; experience deploying and managing applications in cloud environments.
• Understanding of containerization and orchestration technologies (e.g., Kubernetes, Docker).
• Exposure to CI/CD pipeline development and automation frameworks. Ability to write secure, maintainable, and scalable code aligned with cryptographic and security best practices.
• Experience with Agile development methodologies and collaborative tools.
• Experience with code management tools (e.g. GIT, Bitbucket).
• Strong problem‑solving skills and proficiency in English for effective communication.
• Preferred: exposure to hardware‑backed key storage (HSM) or emerging cryptography standards; motivated to deepen HSM/PQC concepts.

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

Please visit our company website for further information:

https://www.db.com/company/company.html

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.