Information Security Officer (ISO)

Job Description

Position Overview Job Title: Information Security Officer (ISO) Corporate Title: Associate Location: Pune, India Role Description DWS Group operates in a business environment with an almost complete dependence on information, which is processed and transmitted by information systems and interconnected computer networks and stored physically and electronically. Information security risk and threat landscape are dynamic and requirements for security are constantly growing. It is essential for DWS that confidentiality, integrity (authenticity) and availability of information are protected, and risk is managed according to DWS’ Risk Appetite and in accordance with legal and regulatory requirements. The role of the DWS Information Security Officer (ISO) is aligned to the DWS COO divisional unit and will report into the Divisional Information Security Officer (D-ISO). DWS ISO assumes ownership for the assigned IT Assets from an information security (IS) perspective. What We’ll Offer You As part of our flexible scheme, here are just some of the benefits that you’ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities To assume ownership and responsibility for assigned IT assets, in line with the Group Information Security management processes and the DWS ISMS To execute IS Risk assessments and compliance evaluations for assigned IT assets To assign accurate information classification to assigned IT assets based on confidentiality of Information To maintain the Information Security related documentation of assigned IT assets in the Group’s asset inventory To establish a good working relationship with Business Application Owners (BAO) and other Subject Matter Experts (SME) of the divisions and functions of the assigned assets and develop profound knowledge of the supported processes and data To support key role holders such as ITAOs and TISOs to develop a secure environment by evaluating the Information Security requirements as early as possible in the system development life cycle to select the applicable Information Security Controls for implementation To give guidance to ITAOs and TISOs on the implementation of compensating Controls in case of deviations from the applicable Information Security Controls To execute and document periodical recertification of user access rights in their area of responsibility in compliance with the Group’s identity and access processes To support implementation of Segregation of Duty (SoD) rules for the assigned IT assets To contribute to the Information Security incident management process in the case of a security breach To deliver all items requested during regulatory and internal Information Security related audits To remain fully trained and skilled by completing the required Information Security trainings provided by CSO or as requested by the Divisional CISO or the Divisional ISO. Essential Your skills and experience Candidate should have proven experience of working in Information Security and/ or Information Technology, ideally in a regulated financial institute Strong communication (written and verbal) skills with the ability to effectively communicate with different stakeholders within IT and business functions with excellent command of the English language. Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within a financial organization Positive attitude and a team player Proactive and ability to work independently in a global team Open to learn, adapt and work with new technologies Outstanding problem solving, analytical and project management skills Proficiency with Microsoft Office programs Fluent English and communication skills Education / Certification Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security General understanding of current security industry standards, best practices, and/or frameworks i.e.: NIST, ENISA, ISO27001, OWASP How We’ll Support You Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment. Show more Show less