Job Title: Senior Risk and Control Engineer, VP

Location: Pune, India

Role Description

• The Vice President, Risk & Control Engineering is a senior, hands‑on technology risk professional responsible for ensuring that applications and platforms operate within the firm’s defined risk appetite and comply with regulatory, audit, and internal control requirements.
• This role sits at the intersection of engineering, risk management, and governance, combining deep technical understanding with strong control ownership and accountability. The role holder is expected to actively engage with engineering teams, IT application owners, and control functions to identify, assess, and remediate technology risks in a sustainable and pragmatic manner.
• As a senior individual contributor, the VP Risk & Control Engineer leads through expertise and execution rather than hierarchy, taking ownership of complex risk matters, driving remediation to completion, and embedding risk awareness and control discipline into day‑to‑day technology operations.

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Own and manage IT Risk & Control activities for assigned applications and platforms, ensuring alignment with the firm’s risk appetite, regulatory requirements, and internal control frameworks.
• Drive the end‑to‑end lifecycle of Issues and Findings, including Audit Findings, Regulatory Findings, and Self‑Identified Issues (SIIs), from identification to closure, ensuring high‑quality root cause analysis, remediation plans, and evidence.
• Perform technical risk assessments and evaluate the feasibility and effectiveness of proposed remediation solutions, ensuring they are sustainable, compliant, and aligned with architectural and engineering standards.
• Act as (or support) the IT Application Owner (ITAO), ensuring applications meet all lifecycle obligations, including SDLC controls, production readiness, DR planning and testing, patching, vulnerability management, and open‑source compliance.
• Establish, maintain, and monitor application‑level controls, including control design, operating effectiveness, continuous control monitoring, and documentation in line with internal policies and external regulatory expectations.
• Partner with engineering, architecture, and platform teams to embed controls into day‑to‑day technology operations, promoting “risk by design” rather than reactive remediation.
• Coordinate with 2nd and 3rd Line of Defense (Risk, Compliance, Internal Audit) to support audits, regulatory reviews, and risk assessments, ensuring timely responses and consistent messaging.
• Maintain accurate risk profiles and reporting for assigned applications, providing transparency on risk status, criticality, dependencies, and remediation progress to senior stakeholders.
• Ensure effective governance of action items and deliverables, tracking ownership, timelines, and dependencies, and escalating risks or delays where required.
• Contribute to ongoing risk culture improvement by proactively identifying control gaps, driving continuous improvement, and promoting accountability across technology teams.

Your skills and experience

• 18+ years of experience in IT Risk, Technology Risk, Risk & Control, IT Governance, or Operational Risk within a regulated financial services environment (banking, asset management, capital markets, or equivalent).
• Proven, hands‑on experience managing Audit Findings, Regulatory Findings, and Self‑Identified Issues (SIIs), including root cause analysis, remediation planning, execution oversight, and sustainable closure.
• Strong experience operating within formal control frameworks, including control design, operating effectiveness, continuous control monitoring, and evidence management across multiple applications or platforms.
• Direct experience working with Internal Audit, Compliance, Risk Functions, and Regulators, supporting audits, reviews, inspections, and thematic assessments.
• Strong understanding of regulatory expectations for technology risk, operational resilience, and control environments, with the ability to translate them into actionable technical and operational controls.
• Demonstrated ability to establish and maintain strong governance over action items, dependencies, timelines, and ownership, including escalation of material risks.
• Strong stakeholder management skills, capable of engaging senior engineers, architects, product leaders, risk partners, and auditors with credibility and clarity.
• Excellent communication and documentation skills, with the ability to articulate complex risk and technical topics clearly to both technical and non‑technical audiences.

How we’ll support you

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.html

We at DWS are committed to creating a diverse and inclusive workplace, one that embraces dialogue and diverse views, and treats everyone fairly to drive a high-performance culture. The value we create for our clients and investors is based on our ability to bring together various perspectives from all over the world and from different backgrounds. It is our experience that teams perform better and deliver improved outcomes when they are able to incorporate a wide range of perspectives. We call this #ConnectingTheDots.