Information Security Officer (ISO), AS

Position Overview

Job Description:

Job Title:Information Security Officer

Location:Bengalore, India

Corporate Title:AS

Role Description

• DWS Group operates in a business environment with an almost complete dependence on information, which is processed and transmitted by information systems and interconnected computer networks and stored physically and electronically. Information security risk and threat landscape are dynamic and requirements for security are constantly growing. It is essential for DWS that confidentiality, integrity (authenticity) and availability of information are protected, and risk is managed according to DWS Risk Appetite and in accordance with legal and regulatory requirements.
• As Information Security Officer for central team, you will have ownership of information and cyber security activities delivered within in scope applications. You will be the face and voice of the security function to the technology and business, and the face and voice of the business within security, working closely with stakeholders to understand their requirements/risks and subsequently enable services to be delivered in a targeted and proactive fashion. The role will ensure APAC region and jurisdictions DWS operates in, are compliant with any applicable legal, regulatory, clients and industry security requirements by carrying out appropriate internal and external reviews and gathering evidence from control owners.

What we'll offer you

As part of our flexible scheme, here are just some of the benefits that you'll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Establishing and maintaining close working relationships with key business and technology stakeholders on the group and regional level
• Coordinating external client, audit and regulatory requests related to security matters in the region
• Ensuring timely notification to business of new security and regulatory requirements
• Help building and promoting security awareness within the APAC region around security threat and exposure
• Ensuring security risk is understood by business and managed within to the company risk appetite
• Representing DWS security function at various regional, local, and divisional committees and councils
• Working closely with 3rd Party Security Management team on vendor risk assessment ensuring local and regional vendors are compliant with DWS security requirements
• Advising business on how to achieve the relevant controls and assist with solutions to support them
• Contribute to the Information Security incident management process on a regional and local level working closely with the Cyber Resilience and Operation team and business stakeholders
• Support the information security training and awareness initiatives in the region.

Your skills and experience

Essential

• Candidate should have proven experience of increasing responsibility in information, technical or cyber security roles in financial sector preferred
• Strong working knowledge and understanding of how to handle and respond to cyber security incidents
• Up-to-date knowledge of current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, combined with the understanding of the potential impact on the security posture
• Ability to manage conflicting priorities and multiple tasks in a high-pressure environment
• Experience of handling regulators and working with internal or external audit
• Excellent stakeholder management, effective communication and interpersonal skills at both a technical and non-technical level
• Highly self-motivated and directed, with keen attention to detail
• Positive attitude and a team player
• Proven experience in operating in a highly complex organisation with devolved structures and multiple stakeholders
• Excellent strategic and operational business awareness, with a deep understanding of the key drivers, levers, issues and constraints of digital businesses

Education / Certification

• Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security
• Nice to have Security professional related certification - CISSP, CISM, SANS or equivalent desirable
• Strong understanding of current security industry standards, best practices, and/or frameworks e.g., ISO27001, NIST, CIS, OWASP
• Fluent English and communication skills
• Additional local language skills would be beneficial

How we'll support you

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

We strive for a in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.
Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.
We welcome applications from all people and promote a positive, fair and inclusive work environment.