Information Security Officer

Information Security Officer

Position Overview

Deutsche Bank is seeking an Information Security Officer (ISO) for their DWS Group in Bangalore, India. This role is crucial in managing information security risks within a business heavily reliant on information systems and interconnected networks. The ISO will be responsible for ensuring the confidentiality, integrity, and availability of information, adhering to DWS's risk appetite and regulatory requirements.

Role Description

As an Information Security Officer for the central team, you will own information and cyber security activities for in-scope applications. You will act as the primary liaison between the security function and technology/business stakeholders, understanding their needs and risks to enable proactive service delivery. This role involves ensuring compliance with legal, regulatory, client, and industry security requirements across the APAC region by conducting internal and external reviews and gathering evidence from control owners.

What We’ll Offer You

Deutsche Bank offers a comprehensive benefits package, including:

• Best-in-class leave policy
• Gender-neutral parental leaves
• 100% reimbursement for childcare assistance
• Sponsorship for industry-relevant certifications and education
• Employee Assistance Program for you and your family
• Comprehensive hospitalization insurance for you and your dependents
• Accident and Term life insurance
• Complementary Health screening for individuals 35 years and above

Your Key Responsibilities

• Establish and maintain close working relationships with key business and technology stakeholders globally and regionally.
• Coordinate external client, audit, and regulatory requests related to security matters in the region.
• Ensure timely notification to the business of new security and regulatory requirements.
• Help build and promote security awareness within the APAC region regarding security threats and exposures.
• Ensure security risk is understood by the business and managed within the company's risk appetite.
• Represent the DWS security function at various regional, local, and divisional committees and councils.
• Work closely with the 3rd Party Security Management team on vendor risk assessments, ensuring local and regional vendors comply with DWS security requirements.
• Advise the business on how to achieve relevant controls and assist with supporting solutions.
• Contribute to the Information Security incident management process regionally and locally, collaborating with the Cyber Resilience and Operation team and business stakeholders.
• Support information security training and awareness initiatives in the region.

Essential Skills and Experience

• Proven experience in information, technical, or cyber security roles, preferably within the financial sector.
• Strong working knowledge of handling and responding to cybersecurity incidents.
• Up-to-date knowledge of current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, with an understanding of their potential impact.
• Ability to manage conflicting priorities and multiple tasks in a high-pressure environment.
• Experience handling regulators and working with internal or external audit.
• Excellent stakeholder management, communication, and interpersonal skills at both technical and non-technical levels.
• Highly self-motivated and directed, with keen attention to detail.
• Positive attitude and a team player.
• Proven experience operating in a highly complex organization with devolved structures and multiple stakeholders.
• Excellent strategic and operational business awareness, with a deep understanding of the key drivers, levers, issues, and constraints of digital businesses.

Education / Certification

• Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security.
• Security professional related certification (CISSP, CISM, SANS, or equivalent) is desirable.
• Strong understanding of current security industry standards, best practices, and frameworks (e.g., ISO27001, NIST, CIS, OWASP).
• Fluent English and communication skills.
• Additional local language skills would be beneficial.

How We’ll Support You

• Training and development to help you excel in your career.
• Coaching and support from experts in your team.
• A culture of continuous learning to aid progression.
• A range of flexible benefits tailored to your needs.

We foster a culture where we are empowered to excel together daily, characterized by acting responsibly, thinking commercially, taking initiative, and working collaboratively. We celebrate our people's successes together. We are Deutsche Bank Group. We welcome applications from all individuals and are committed to a positive, fair, and inclusive work environment.

Key skills/competency

• Information Security
• Cyber Security
• Risk Management
• Incident Management
• Regulatory Compliance
• Stakeholder Management
• Security Awareness
• Vendor Risk Assessment
• Audit Response
• Information Systems