Job Description:
Employer: DWS Group
Title: IT Security Engineering (Identity/Networks)
Location: London
About DWS:
Today, markets face a whole new set of pressures - but also a whole lot of opportunity too. Opportunity to innovate differently. Opportunity to invest responsibly. And opportunity to make change.
Join us at DWS, and you can be part of an industry-leading firm with a global presence. You can lead ambitious opportunities and shape the future of investing. You can support our clients, local communities, and the environment.
We're looking for creative thinkers and innovators to join us as the world continues to transform. As whole markets change, one thing remains clear; our people always work together to capture the opportunities of tomorrow. That's why we are 'Investors for a new now'.
As investors on behalf of our clients, it is our role to find investment solutions. Ensuring the best possible foundation for our clients' financial future. And in return, we'll give you the support and platform to develop new skills, make an impact and work alongside some of the industry's greatest thought leaders. This is your chance to achieve your goals and lead an extraordinary career.
This is your chance to invest in your future.
Team / division overview
Information Security is responsible for preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders.
Roles within Information Security may cover one or more areas of specialty:
- Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.)
- Information Security (IS) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.)
- IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.).
Work includes:
- Identifying and evaluating potential areas of Information Security threat by assessing the probability and impact, and implementing associated mitigations
- Monitoring and contributing to the implementation of the Information Security strategy
- Evaluating the adequacy and effectiveness of internal controls relating to Information Security risks
- Ensuring appropriate procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders
- Developing appropriate, pragmatic strategies to deliver effective controls and Information Security management objectives and implementation across the bank
- Managing client relationships and ensuring management focus on the Information Security agenda
Role Details:
As an IT
Security Engineering
you will (be):
- Implement and manage security controls across cloud environments (namely GCP and Azure)
- Evaluate and enhance cloud security posture by identifying and mitigating security risks
- Implement best practices for cloud security, including identity & access management, encryption, and threat protection
- Ensure adherence to security policies, industry standards, and regulatory requirements
- Implement security measures for cloud-based infrastructure
- Oversee network security, firewalls, VPNs, IDS/IPS, and other perimeter defence systems
- Collaborate with infrastructure teams to implement system hardening and secure network architecture
- Work with Vulnerability Management team to assess and remediate across hybrid environments
- Implement and maintain security monitoring systems
- Monitor and respond to security alerts, and coordinate with required technology teams and Incident Management to resolve issues
- Troubleshoot and resolve security issues related to Windows and Linux environments
- Provide security guidance for infrastructure and application development projects
- Contribute to design and architecture of secure systems and networks
- Participate in audits, assessments, and assurance processes
- Work with infrastructure and application development teams to provide integrate security into the development lifecycle
- Communicate effectively with stakeholders and leadership regarding security status and projects
We are looking for:
- Hands- on experience in cybersecurity engineering, security architecture, or a similar role
- In- depth knowledge of cloud security architecture, tools, and best practices
- Technical and Business knowledge of IAM and PAM processes and solutions e. g. joiner, mover, leaver, request- and approval, SoD, recertification, Forgerock knowledge and CyberArk preferred, but not mandatory
- Experience in Information Security, specifically Identity and Access Management and Privileged Access Management
- Knowledge of the financial services industry and its Identity & Access Management compliance requirements is a plus.
- Strong knowledge of security protocols, encryption, and authentication methods
- Experience with security for Windows and Linux systems
- Strong knowledge of security monitoring, incident response, and threat management
- Background in security architecture design and review
- Familiarity with network security, firewalls, IDS/IPS
- Experience with security frameworks such as NIST, CIS, ISO 27001, and SOC2
- Ability to work independently and as part of a team
- Ability to work with some level of ambiguity in a dynamic environment, and manage multiple priorities
- Excellent communication and documentation skills
- Strong analytical and problem-solving skills
What we'll offer you:
At DWS we're serious about diversity, equity and creating an inclusive culture where colleagues can be themselves sand it's important to us that you enjoy coming to work - feeling healthy, happy and rewarded. At DWS, you'll have access to a range of benefits which you can choose from to create a personalised plan unique to your lifestyle. Whether you're interested in healthcare, company perks, or are thinking about your retirement plan, there's something for everyone.
Some of our core benefits:
- 30 days' holiday + bank holidays, with the option to purchase additional days
- A non-contributory pension scheme, up to 10%Physical and Mental Health Well-Being benefit