Information Security Officer (ISO), AS
Deutsche Bank · Bengaluru, Karnataka, India
- On site
- Full-time
- ₹1,500,000 / year
- Bengaluru, Karnataka, India
This role may have been filled. Drop your résumé and we'll check if it's still open — or find you similar roles.
Job highlights
- Manage information security for critical applications.
- Liaise between security, technology, and business teams.
- Ensure regional compliance with security regulations.
- Handle cybersecurity incidents and risk assessment.
- Promote security awareness and best practices.
About the role
Information Security Officer
Position Overview
Deutsche Bank is seeking an Information Security Officer (ISO) for their DWS Group in Bangalore, India. This role is crucial in managing information security risks within a business heavily reliant on information systems and interconnected networks. The ISO will be responsible for ensuring the confidentiality, integrity, and availability of information, adhering to DWS's risk appetite and regulatory requirements.
Role Description
As an Information Security Officer for the central team, you will own information and cyber security activities for in-scope applications. You will act as the primary liaison between the security function and technology/business stakeholders, understanding their needs and risks to enable proactive service delivery. This role involves ensuring compliance with legal, regulatory, client, and industry security requirements across the APAC region by conducting internal and external reviews and gathering evidence from control owners.
What We’ll Offer You
Deutsche Bank offers a comprehensive benefits package, including:
- Best-in-class leave policy
- Gender-neutral parental leaves
- 100% reimbursement for childcare assistance
- Sponsorship for industry-relevant certifications and education
- Employee Assistance Program for you and your family
- Comprehensive hospitalization insurance for you and your dependents
- Accident and Term life insurance
- Complementary Health screening for individuals 35 years and above
Your Key Responsibilities
- Establish and maintain close working relationships with key business and technology stakeholders globally and regionally.
- Coordinate external client, audit, and regulatory requests related to security matters in the region.
- Ensure timely notification to the business of new security and regulatory requirements.
- Help build and promote security awareness within the APAC region regarding security threats and exposures.
- Ensure security risk is understood by the business and managed within the company's risk appetite.
- Represent the DWS security function at various regional, local, and divisional committees and councils.
- Work closely with the 3rd Party Security Management team on vendor risk assessments, ensuring local and regional vendors comply with DWS security requirements.
- Advise the business on how to achieve relevant controls and assist with supporting solutions.
- Contribute to the Information Security incident management process regionally and locally, collaborating with the Cyber Resilience and Operation team and business stakeholders.
- Support information security training and awareness initiatives in the region.
Essential Skills and Experience
- Proven experience in information, technical, or cyber security roles, preferably within the financial sector.
- Strong working knowledge of handling and responding to cybersecurity incidents.
- Up-to-date knowledge of current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, with an understanding of their potential impact.
- Ability to manage conflicting priorities and multiple tasks in a high-pressure environment.
- Experience handling regulators and working with internal or external audit.
- Excellent stakeholder management, communication, and interpersonal skills at both technical and non-technical levels.
- Highly self-motivated and directed, with keen attention to detail.
- Positive attitude and a team player.
- Proven experience operating in a highly complex organization with devolved structures and multiple stakeholders.
- Excellent strategic and operational business awareness, with a deep understanding of the key drivers, levers, issues, and constraints of digital businesses.
Education / Certification
- Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security.
- Security professional related certification (CISSP, CISM, SANS, or equivalent) is desirable.
- Strong understanding of current security industry standards, best practices, and frameworks (e.g., ISO27001, NIST, CIS, OWASP).
- Fluent English and communication skills.
- Additional local language skills would be beneficial.
How We’ll Support You
- Training and development to help you excel in your career.
- Coaching and support from experts in your team.
- A culture of continuous learning to aid progression.
- A range of flexible benefits tailored to your needs.
We foster a culture where we are empowered to excel together daily, characterized by acting responsibly, thinking commercially, taking initiative, and working collaboratively. We celebrate our people's successes together. We are Deutsche Bank Group. We welcome applications from all individuals and are committed to a positive, fair, and inclusive work environment.
Key skills/competency
- Information Security
- Cyber Security
- Risk Management
- Incident Management
- Regulatory Compliance
- Stakeholder Management
- Security Awareness
- Vendor Risk Assessment
- Audit Response
- Information Systems
Skills & topics
- Information Security Officer
- Information Security
- Cyber Security
- Risk Management
- Incident Management
- Regulatory Compliance
- Financial Sector
- Bangalore
- Deutsche Bank
- Information Systems
How to get hired
- Tailor your resume: Highlight your information security experience in the financial sector and cyber incident response skills.
- Showcase relevant certifications: Emphasize any CISSP, CISM, SANS, or equivalent certifications to demonstrate expertise.
- Demonstrate stakeholder skills: Provide examples of your ability to manage complex relationships and communicate effectively with technical and non-technical audiences.
- Prepare for technical and behavioral questions: Be ready to discuss your knowledge of current security threats and your approach to managing risk in a high-pressure environment.
- Research DWS Group and Deutsche Bank: Understand their commitment to information security, risk appetite, and operational framework.
Technical preparation
Master cybersecurity frameworks like ISO27001, NIST.,Practice incident response scenarios.,Study current exploit and vulnerability techniques.,Understand data breach analysis and impact.
Behavioral questions
Describe managing conflicting priorities.,How do you handle stakeholder disagreements?,Detail a complex security challenge you solved.,Explain your approach to promoting security awareness.
Frequently asked questions
- What are the key responsibilities of an Information Security Officer at Deutsche Bank?
- The Information Security Officer at Deutsche Bank is responsible for managing information and cyber security activities for in-scope applications, liaising with business and technology stakeholders, ensuring regional compliance with security regulations, coordinating audit and regulatory requests, and contributing to incident management and security awareness initiatives.
- What qualifications are essential for the Information Security Officer role at Deutsche Bank?
- Essential qualifications include proven experience in information, technical, or cyber security roles (preferably in finance), strong knowledge of handling cyber security incidents, up-to-date understanding of exploit techniques and vulnerabilities, excellent stakeholder management skills, and the ability to manage multiple priorities in a high-pressure environment.
- Are there specific certifications preferred for the Information Security Officer position at Deutsche Bank?
- While not strictly mandatory, a degree-level IT/information security qualification or equivalent experience is required. Professional certifications such as CISSP, CISM, SANS, or equivalent are highly desirable and will strengthen your application for the Information Security Officer role at Deutsche Bank.
- What kind of work environment can I expect as an Information Security Officer at Deutsche Bank?
- You can expect a dynamic and complex organizational environment with a strong emphasis on information security. Deutsche Bank promotes a culture of continuous learning, collaboration, and empowerment, offering comprehensive benefits and support for professional development. The role requires strong strategic and operational business awareness.
- How does Deutsche Bank handle security risk for its DWS Group?
- Deutsche Bank ensures that the confidentiality, integrity, and availability of information are protected by managing risk according to its Risk Appetite and in accordance with legal and regulatory requirements. The Information Security Officer plays a key role in ensuring this risk is understood and managed by the business.
- What is the role of the Information Security Officer in relation to regulators and audits at Deutsche Bank?
- The Information Security Officer is responsible for coordinating external client, audit, and regulatory requests related to security matters in the region. They must also have experience handling regulators and working with internal or external audit teams, ensuring compliance and providing necessary evidence.