Job Title: Cyber Security Engineer
Location: London

DWS Group (DWS) is one of the world’s leading asset managers with EUR 928bn of assets under management (as of 31 December 2021). Building on more than 60 years of experience, it has a reputation for excellence in Germany, Europe, the Americas and Asia. DWS is recognised by clients globally as a trusted source for integrated investment solutions, stability and innovation across a full spectrum of investment disciplines.

We offer individuals and institutions access to our strong investment capabilities across all major asset classes and solutions aligned to growth trends. Our diverse expertise in Active, Passive and Alternatives asset management – as well as our deep environmental, social and governance focus – complement each other when creating targeted solutions for our clients. Our expertise and on-the-ground-knowledge of our economists, research analysts and investment professionals are brought together in one consistent global CIO View, which guides our investment approach strategically.

DWS is transforming and growing its internal information and cyber security team. As the Cyber Security Engineer reporting to the DWS Group Head of Security Architecture and Engineering you will be responsible for the overall implementation and maintenance of security cyber controls in the organization. You will specialise in providing security systems and tools management and playing a vital role in onboarding IT systems and business applications to relevant security platforms.

We are open for candidates in Germany (Frankfurt) and London (UK).

What we’ll offer you:

A healthy, engaged and well-supported workforce are better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That’s why we are committed to providing an environment with your development and wellbeing at its centre. You can expect:

• Competitive salary and non-contributory pension
• 30 days’ holiday plus bank holidays, with the option to purchase additional days
• Life Assurance and Private Healthcare for you and your family
• A range of flexible benefits including Retail Discounts, a Bike4Work scheme and Gym benefits
• The opportunity to support a wide-ranging CSR programme + 2 days’ volunteering leave per year

Your key responsibilities:

• Define, implement, document and maintain security controls for cyber security platforms
• Manage & maintain key cyber security platforms and tools (Vulnerability scanners, WAF, PAM, IAM, SIEM, EDR, DLP)
• Ensure the availability, effectiveness, efficiency of the technology
• Contribute to the continual improvement of the tools and associated processes
• Support security teams such as Incident and Threat Response to identify requirements and deliver improvements
• Ensure accurate and clear communication with all stakeholders
• Create and update run book documentation relating to technologies and associated processes
• Collate and provide evidence to support client and regulatory audits
• Train and develop the engineering team
• Engage with the outsourced security operations team to ensure standards and policies are appropriately applied, providing expertise in resolving key issues.
• Provide support on security incident response on security incidents and participate in the development of business cases and presentations on information security technologies of interest to the company
• Ensure accurate and clear communication with all stakeholders

Your skills and experience:

• Degree in Information Systems or Computer Science or relevant Cyber Security experience
• Previous experience in onboarding and managing at least one of the following security tools and platforms (Qualys, Palo Alto Prisma, CyberArk, Sentinel, Google Chronicle, MS ATP Defender, DLP)
• Security professional related certification – CISSP, CCSP, OSCP, SANS or equivalent is desirable
• Excellent knowledge of a range of cyber security technologies in an engineering capacity including SIEM, end point detection/protection, network security and data security
• Experience in creating engineering runbooks
• Excellent understanding of security principles
• In-depth understanding of protective and detective security controls
• Up-to-date knowledge of current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, combined with the understanding of the potential impact on the security posture
• Excellent analytical and troubleshooting skills to constantly monitor systems to identify threats and vulnerability, execute security architecture, and ensure there are no external threats
• Strong understanding of cybersecurity standards and frameworks e.g., ISO27001, NIST, CIS, OWASP, SANS

How we’ll support you:

• Training and development to help you excel in your career
• Flexible working to assist you balance your personal priorities
• Coaching and support from experts in your team

Our values define the working environment we strive to create – diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.
We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.