We are looking for an Information Security specialist to join our Risk and Control team and take responsibility for cyber security, working closely with the Information Technology risk team and the Embedded Risk Team. In summary, this involves hands-on technical data analysis and control process improvement, control effectiveness testing, control uplift remediation activities, and overall ensuring that technology and security controls are implemented effectively and sustainably.
The Risk and Control Team ensures the Bank's information control priorities are effectively implemented across Corporate Bank & Investment Bank Technology. The team offers dedicated support for each Chief Information Officer (CIO) business line, advisory services for control responses, and program management services for broad control uplifts. The team's mission is to reduce the organization's technology risk exposure by implementing key bank controls, ensuring appropriate and timely resolution of audit issues, and participating in the Bank's design of control implementations. Your role would therefore be integral in supporting front-line management in identifying, assessing and measuring risks, identifying remediation actions, and monitoring risks.
What we'll offer you
As part of our flexible scheme, here are just some of the benefits that you'll enjoy:
Best in class leave policy
Gender neutral parental leaves
100% reimbursement under childcare assistance benefit (gender neutral)
Sponsorship for Industry relevant certifications and education
Employee Assistance Program for you and your family members
Comprehensive Hospitalization Insurance for you and your dependents
Accident and Term life Insurance
Complementary Health screening for 35 yrs. and above
Your key responsibilities
In the Risk & Control Governance team, you will be responsible for activities involving Information Security controls and will partner with the CB & IB Tech risk team, CIO teams and Risk Leads to ensure the overall risk posture for the area is improved. You will liaise with Risk Leads, senior stakeholders and technology/process owners on reporting, technical data analysis, process improvements and tracking of key deliverables for control uplifts, and ensure that the operational effectiveness of controls is tested and reported. To be successful in this role, the key responsibility areas are:
Strong experience in Risk identification, assessment, treatment and monitoring of information security and cyber security risks across the IT landscape
Lead information and application security control uplift programs in Cyber Hygiene, including application code scan, application threat monitoring, etc.
Deep technical knowledge of Cyber Security and Information Security guidelines and frameworks such as NIST and ISO27001
Governance: analysing data gaps related to control uplifts, emerging patterns of compliance deterioration by technology, and remediation responsibilities.
Regulatory and Audit management support: provide analysis and supporting evidence review to improve the quality of audit evidence submission for critical audit response/closure
Provide assistance to application teams on Information Security control implementation requirements. Drive proactive risk culture within the organization.
Control Uplift Remediation: ensure Information Technology and Information Security risk remediation programs are initiated and executed in line with Deutsche Bank policies and frameworks. Also work with policy owners and control owners to improve processes and tooling.
Work with the control teams to identify and resolve potential issues in Information Security control design. Identify and resolve implementation issues. Suggest effectiveness metrics, ensure control design includes proper evidence, and provide input to the design and effectiveness of centrally provided tooling.
Ad hoc projects related to Information Security.
Your skills and experience
Must have excellent knowledge of, and experience conducting and supporting, Cyber Security control assessments; related certification preferred (CISA, ISO27001, etc.)
Good understanding of IT Governance, Risk and compliance principles, as well as IT Controls in all disciplines of technology domains
Good familiarity with conducting Cyber Security control effectiveness testing based on specific risk patterns.
Good familiarity with general Patching concepts and challenges in critical technologies (Java, Oracle, UNIX, etc.), PVG process and CVE advisory process for vulnerabilities
Advanced verbal and written communication skills to present ideas and concepts effectively
Demonstrable familiarity with the concepts of Technology Roadmap Compliance, the patching lifecycle (especially Java and Oracle), and Disaster Recovery planning and testing
Desirable experience providing support for external regulatory examinations or audits
Desirable experience in assessing risk, writing issues, and developing appropriate corrective actions.
How we'll support you
Training and development to help you excel in your career
Coaching and support from experts in your team
A culture of continuous learning to aid progression
A range of flexible benefits that you can tailor to suit your needs