Application Security Specialist, AVP

Job Title: Application Security Specialist

Corporate Title: AVP

Location: Pune, India

Role Description

DWS is transforming and growing its internal information security team. Within CSO Information Security Assurance you will be responsible for Control Assurance on control implementation to support compliance with Information Security Policies and Procedures. It verifies based on the most mature compliance data sources (i.e., compliance measurement based on operational data, self-assessment, independent review) if required information security controls have been implemented in DWS’s applications, infrastructure and IT-processes including EUDA/EUMA. In this regard it provides assessment of related risks and is highlighting vulnerabilities for not implemented controls. The Service provides advisory regarding training and the usage of the security controls.

What we’ll offer you

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

Your key responsibilities

• Your primary focus will be on following the Information security roadmap for the applications (information security compliance) in terms of IS principle (confidentiality, integrity, and availability) and ensure their compliance with DWS policies.
• Support ITAO for the applications that are planned for migration that have IS Criticality rating updated using DWS IS criticality methodology.

• Participate in CSO advisory demand meetings and in information security projects, avoiding any delays or escalations related to non-compliance.
• Support DWS CSO to implement Hybrid model as determined for Aurora Operating Model decisions. Successful alignment to DB CSO ORR controls.
• Support in closure of regulatory findings and ensure no overdue audit findings.
• Responsible to liaise between key role holders such as ITAOs and TISOs to develop a secure environment by evaluating the Information Security requirements.
• Support for the EUDA governance within a DWS Unit.
• Support automation of CISO services onboarding capabilities
• Support the development, testing and management of IS Security Compliance campaigns based on business requirements (incl. documentation and training)
• Control Assurance processes and evidence reviews across DWS’s application portfolio to support risk mitigation of non-compliant controls.
• Supporting alignment with all other Control Functions for Operational Readiness
• Support in building security compliance reports.

Your skills and experience

• Clear understanding of information security risk and compliance framework.
• Experience in application security assessment activities.
• Minimum 2-3 years’ experience in Information security management area.
• Good understanding of cyber security standards (e.g. NIST, ISO27001)
• Understanding on how application security policies, standards, requirements and controls are defined.
• Strong Microsoft office skills (excel macro)
• Experience in working with information security governance solutions.
• Any globally recognized information security certification (preferred)
• Graduation and above (preferably IT, Computer science)

How we’ll support you

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

About us and our teams

Please visit our company website for further information:

https://www.db.com/company/company.htm