Cyber Threat Intelligence and Vulnerability Management Specialist (VP)
London, 45 Cannon Street
Deutsche Bank
Discover Deutsche Bank, one of the world’s leading financial services providers. News and Information about the bank and its productsJob Description:
Employer: DWS Group
Title: Cyber Threat Intelligence and Vulnerability Management Specialist (VP)
Location: London
About DWS:
Today, markets face a whole new set of pressures – but also a whole lot of opportunity too. Opportunity to innovate differently. Opportunity to invest responsibly. And opportunity to make change.
Join us at DWS, and you can be part of an industry-leading firm with a global presence. You can lead ambitious opportunities and shape the future of investing. You can support our clients, local communities, and the environment.
We’re looking for creative thinkers and innovators to join us as the world continues to transform. As whole markets change, one thing remains clear; our people always work together to capture the opportunities of tomorrow. That’s why we are ‘Investors for a new now’.
As investors on behalf of our clients, it is our role to find investment solutions. Ensuring the best possible foundation for our clients’ financial future. And in return, we’ll give you the support and platform to develop new skills, make an impact and work alongside some of the industry’s greatest thought leaders. This is your chance to achieve your goals and lead an extraordinary career.
This is your chance to invest in your future.
Team / division overview
Information Security is responsible for preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders.
Roles within Information Security may cover one or more areas of speciality:
Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.)
Information Security (“IS”) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.)
IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.).
Work includes:
Identifying and evaluating potential areas of Information Security threat by assessing the probability and impact, and implementing associated mitigations
Monitoring and contributing to the implementation of the Information Security strategy
Evaluating the adequacy and effectiveness of internal controls relating to Information Security risks
Ensuring appropriate procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders
Developing appropriate, pragmatic strategies to deliver effective controls and Information Security management objectives and implementation across the bank
Managing client relationships and ensuring management focus on the Information Security agenda
Role Details:
As a Cyber Threat Intelligence and Vulnerability Management Specialist you will (be):
Lead the DWS Cyber Threat Intelligence and Vulnerability Management capability, liaising closely with the central Threat & Vulnerability Management function to provide relevant reports on threats to the sector;
Tailor threat intelligence to the needs of a world-leading asset management firm operating across geographical regions;
Provide threat intelligence to technical and non-technical stakeholders across tactical, operational, and strategic lines;
Identify priority vulnerabilities for expedited patching across the DWS Group estate;
Support the management of vulnerabilities by focusing efforts on key areas of remediation;
Support the DWS and Deutsche Bank CSO Incident Management team in responding to cybersecurity incidents, including log analysis as required;
Liaise with the Central Threat and Vulnerability Management function’s threat use case factory in transforming the latest threats into detection rules;
Maintain, update, and supplement the existing Priority Intelligence Requirements devised specifically for DWS Group;
Maintain, update, and supplement the existing Collection Plan to ensure that the threat intelligence sources ingested by DWS Group fulfil business requirements;
Work with the global team to ingest data from wider sources into DWS systems;
Maintain and update the existing DWS CSO threat model;
Provide thought leadership on emerging cyber threats, trends, and technologies relevant to asset management;
Devise new threat scenarios based on both open and closed sources to capture the asset management firm’s key cyber threats;
Track and report on physical threats to DWS Group, working closely with the global Deutsche Bank services in this area;
Develop new threat use cases of focus for DWS Group;
As required, act as a point of escalation for higher severity security incidents;
Provide technical expertise to support IT risk management assessments.
Direct the vulnerability management program, including assessments, scanning, and penetration testing;
Provide governance to ensure timely remediation of identified vulnerabilities by working closely with relevant IT and application teams;
Maintain a prioritized, risk-based approach to ensure critical issues are addressed in a timely manner
We are looking for:
Technical background with experience of cyber security, cyber threat monitoring, vulnerability management and incident response;
Exceptional relationship-building and communications skills to liaise comfortably with key internal teams in the bank;
Experience of cyber risk analysis in a highly regulated environment;
Strong analytical skills, with the ability to translate complex cybersecurity risks into business impacts;
Ideally, experience working in the finance sector within a cyber defence team;
Experience with advanced threat detection and response technologies
Familiarity with the MITRE ATT&CK® framework and mapping threat actors’ Tactics, Techniques and Procedures (TTPs);
Hands-on experience with a range of enterprise security technologies, including SIEM, EDR, email defence, TIP, SOAR, and UEBA solutions;
Demonstrable ability to analyze cyber threats and articulate the associated risk to business stakeholders in an accessible manner;
Past use of threat models and analytical frameworks for investigations;
Experience in intelligence exchange with commercial and public organizations;
Evidence of transforming data into actionable intelligence to protect businesses;
Proactive mindset to seek out evidence of suspicious activity and operate under an “assume breach” model;
Understanding of threat actors’ efforts to misuse administrative tools to live off the land;
Internal team engagement, working collaboratively, sharing knowledge, and mentoring colleagues;
Passion for understanding the latest threat actor tactics and a strong desire to prevent future attacks;
Relevant professional qualification such as CISSP, CISM, OSCP, CREST, GIAC (e.g. GCFA, GNFA, GREM, GCTI, GCFE, GCFR, GDAT).
What we’ll offer you:
At DWS we’re serious about diversity, equity and creating an inclusive culture where colleagues can be themselves sand it’s important to us that you enjoy coming to work - feeling healthy, happy and rewarded. At DWS, you’ll have access to a range of benefits which you can choose from to create a personalised plan unique to your lifestyle. Whether you’re interested in healthcare, company perks, or are thinking about your retirement plan, there’s something for everyone.
Some of our core benefits:
30 days’ holiday + bank holidays, with the option to purchase additional days
A non-contributory pension scheme, up to 10%
Physical and Mental Health Well-Being benefits including (but not limited to) Private Medical Cover, a complimentary GP service and the support of Mental Health First Aiders
Family friendly benefits including generous parental leave packages (supporting all variations of family set-ups), to healthcare plans and travel insurance
The opportunity to support our CSR strategy which is focused on combatting climate change and achieving greater social justice. You can make donations to our partner organisations or take part in corporate volunteering opportunities in your local communities by providing on hand support.
DWS’ Hybrid Working model in the UK is designed to find the right balance between in-person collaboration and engagement in the office, which is core to our working culture, and working from home. Employees who wish to sign-up to our Hybrid Working model are required to work in the office two days a week, and given the flexibility to work from home for the remaining three.
Some business groups may need you to spend more time in the office, but this will be discussed and made clear as part of your application and interview process. We will continue to review and evolve our working environments and methods to ensure that we are working in the best way possible for our people.
If you require any adjustments or changes to be made to the interview process for any reason including, or related to a disability or long-term health condition, then please contact your recruiter and let them know what assistance you may need. Examples of adjustments include providing a change to the format of the interview, or providing assistance when at the DWS office. This will not affect your application and your recruitment team will discuss options with you.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISM CISSP CREST EDR Finance Forensics GCFA GCFE GCTI GIAC GNFA Governance GREM Incident response Log analysis MITRE ATT&CK Monitoring OSCP Pentesting Risk analysis Risk management Security strategy SIEM SOAR Strategy Threat detection Threat intelligence TTPs Vulnerabilities Vulnerability management
Perks/benefits: Flex vacation Health care Home office stipend Insurance Medical leave Parental leave
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.