Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Employer? Claim Account for FREE

DWS Investment

Compare

No reviews yet

476 DWS Investment Jobs

TISO - Technical Information Security Officer

DWS Group

0-2 years

Pune

1 vacancy

DWS Investment

posted 6d ago

Job Role Insights

Key skills for the job

Operations Information Technology Analytical Chemistry Risk Management Information Security Application Development

+ 2 more

Job Description

Partner with and support CIO-1 areas in risk management and control implementation. Partner with portfolio owners and audit / regulatory / self-identified issue finding owners to ensure overall risk posture for the area is improved.

Will be responsible for Information Security controls and will partner with CIO teams and finding owners to ensure overall risk posture for the area is improved. Able to liaise with senior management and regulators on reporting of project milestones, key deliverables, and credibility to obtain key stakeholder sign offs. Will partner closely with technology stakeholders and business stakeholders in the development and execution of Risk Framework.

Strong hands-on technical background in IT security controls and SME in at least one area amongst crypto, cyber, IA, Cloud etc.

Pro-actively identify and Implement IT Security strategy and translate this into an operational plan for delivery for their area of responsibility

Provide management and leadership for TISO (Technical Information Security Officers) within the respective division or function and Information Technology Security oversight of the applications and infrastructure (IT assets).

Act as point of escalation for IT Security issues and exceptions.

Support CIO-1 portfolio(s) in managing audit / regulatory / self-identified findings to ensure appropriate and timely resolution of risks/gaps in controls, and resolve non-compliance with Bank policies, procedures and processes and non-compliance with regulations and laws. Review and revise findings lifecycle event documentation.
Participate in, and coordinate with technology stakeholders, on internal and external audit and regulatory exams
Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified technology issues
Support application teams in control implementation requirements
Ensure risk remediation programs are initiated and executed. Design and implement processes to test effectiveness and sustainability of technical controls.
Develop strategies for reducing the risk exposure of CIO-1 portfolio(s), including preparedness of critical applications for audit and regulatory exams and working with application owners to address and prevent common risk issues
Assist application owners and other technology stakeholders in identifying and documenting risks and developing remediation
Tracking and reporting on CIO-1 portfolio(s) key risk indicators (KRI) and control uplift programs. Assisting application owners in developing plans to ensure compliance with KRIs and close control gaps.
Ensure risk remediation programs are initiated and executed in line with the Banks policies, procedures and standards.
Work with the application teams and control owners to identify and resolve potential issues in control design. Advise on effectiveness metrics, ensure control design includes proper evidence, and provide input to the design and effectiveness of centrally provided tooling.
Advise on information security controls and related IS control uplift programs. Liaise with IS control owners about exceptions and issues across CB Technology. Recommend solutions to ensure compliance with IS controls and KRIs.

Your Skills and Experience
Excellent communication skills, both written and verbal to present ideas and concepts effectively
Knowledge of security concepts including security risk and NIST
Certification - CISSP or CISSM preferred
Minimum 10 years expertise with atleast 5 years as an Information Security expert.
Relevant experience in technology risk management, risk advisory and audit management; prefer experience in information security controls, concepts and risks
Experience with testing technology controls
Control design skills and technical skills, particularly related to the testing of technology controls and processes
Experience in assessing risk, writing issues, and developing appropriate corrective actions
Excellent analytical and investigatory skills to identify underlying technology issues and
demonstrate viable solutions and problem solving
Prefer technical background (application development, infrastructure engineering, etc.)
Prefer experience in evaluating the adequacy and effectiveness of security policies and procedures

How Youll Lead
Partner closely with technology and business stakeholders in the development and execution of the Banks risk framework
Promote proactive risk culture and sustainability of controls to technology stakeholders to help improve overall risk posture for the area
Liaise with senior management, audit and regulators on reporting of project milestones and key deliverables