Security Engineering (Identity/Networks)

Job Description:

Employer:             DWS Group

Title:                      IT Security Engineering (Identity/Networks)

Location:              London

About DWS:

Today, markets face a whole new set of pressures – but also a whole lot of opportunity too. Opportunity to innovate differently. Opportunity to invest responsibly. And opportunity to make change.

Join us at DWS, and you can be part of an industry-leading firm with a global presence. You can lead ambitious opportunities and shape the future of investing. You can support our clients, local communities, and the environment.

We’re looking for creative thinkers and innovators to join us as the world continues to transform. As whole markets change, one thing remains clear; our people always work together to capture the opportunities of tomorrow. That’s why we are ‘Investors for a new now’.

As investors on behalf of our clients, it is our role to find investment solutions. Ensuring the best possible foundation for our clients’ financial future. And in return, we’ll give you the support and platform to develop new skills, make an impact and work alongside some of the industry’s greatest thought leaders. This is your chance to achieve your goals and lead an extraordinary career.

This is your chance to invest in your future.

Team / division overview

Information Security is responsible for preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders.

Roles within Information Security may cover one or more areas of specialty:

• Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.)

• Information Security (“IS”) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.)

• IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.).

Work includes:

• Identifying and evaluating potential areas of Information Security threat by assessing the probability and impact, and implementing associated mitigations

• Monitoring and contributing to the implementation of the Information Security strategy

• Evaluating the adequacy and effectiveness of internal controls relating to Information Security risks

• Ensuring appropriate procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders

• Developing appropriate, pragmatic strategies to deliver effective controls and Information Security management objectives and implementation across the bank

• Managing client relationships and ensuring management focus on the Information Security agenda

Role Details:

As an IT Security Engineering you will (be):

• Implement and manage security controls across cloud environments (namely GCP and Azure)

• Evaluate and enhance cloud security posture by identifying and mitigating security risks

• Implement best practices for cloud security, including identity & access management, encryption, and threat protection

• Ensure adherence to security policies, industry standards, and regulatory requirements

• Implement security measures for cloud-based infrastructure

• Oversee network security, firewalls, VPNs, IDS/IPS, and other perimeter defence systems

• Collaborate with infrastructure teams to implement system hardening and secure network architecture

• Work with Vulnerability Management team to assess and remediate across hybrid environments

• Implement and maintain security monitoring systems

• Monitor and respond to security alerts, and coordinate with required technology teams and Incident Management to resolve issues

• Troubleshoot and resolve security issues related to Windows and Linux environments

• Provide security guidance for infrastructure and application development projects

• Contribute to design and architecture of secure systems and networks

• Participate in audits, assessments, and assurance processes

• Work with infrastructure and application development teams to provide integrate security into the development lifecycle

• Communicate effectively with stakeholders and leadership regarding security status and projects

We are looking for: 

• Hands- on experience in cybersecurity engineering, security architecture, or a similar role

• In- depth knowledge of cloud security architecture, tools, and best practices

• Technical and Business knowledge of IAM and PAM processes and solutions e. g. joiner, mover, leaver, request- and approval, SoD, recertification, Forgerock knowledge and CyberArk preferred, but not mandatory

• Experience in Information Security, specifically Identity and Access Management and Privileged Access Management

• Knowledge of the financial services industry and its Identity & Access Management compliance requirements is a plus.

• Strong knowledge of security protocols, encryption, and authentication methods

• Experience with security for Windows and Linux systems

• Strong knowledge of security monitoring, incident response, and threat management

• Background in security architecture design and review

• Familiarity with network security, firewalls, IDS/IPS

• Experience with security frameworks such as NIST, CIS, ISO 27001, and SOC2

• Ability to work independently and as part of a team

• Ability to work with some level of ambiguity in a dynamic environment, and manage multiple priorities

• Excellent communication and documentation skills

• Strong analytical and problem-solving skills

What we’ll offer you:

At DWS we’re serious about diversity, equity and creating an inclusive culture where colleagues can be themselves sand it’s important to us that you enjoy coming to work - feeling healthy, happy and rewarded. At DWS, you’ll have access to a range of benefits which you can choose from to create a personalised plan unique to your lifestyle. Whether you’re interested in healthcare, company perks, or are thinking about your retirement plan, there’s something for everyone.

Some of our core benefits:
 

• 30 days’ holiday + bank holidays, with the option to purchase additional days

• A non-contributory pension scheme, up to 10%

• Physical and Mental Health Well-Being benefits including (but not limited to) Private Medical Cover, a complimentary GP service and the support of Mental Health First Aiders

• Family friendly benefits including generous parental leave packages (supporting all variations of family set-ups), to healthcare plans and travel insurance

• The opportunity to support our CSR strategy which is focused on combatting climate change and achieving greater social justice. You can make donations to our partner organisations or take part in corporate volunteering opportunities in your local communities by providing on hand support.

DWS’ Hybrid Working model in the UK is designed to find the right balance between in-person collaboration and engagement in the office, which is core to our working culture, and working from home. Employees who wish to sign-up to our Hybrid Working model are required to work in the office two days a week, and given the flexibility to work from home for the remaining three.

Some business groups may need you to spend more time in the office, but this will be discussed and made clear as part of your application and interview process. We will continue to review and evolve our working environments and methods to ensure that we are working in the best way possible for our people.

If you require any adjustments or changes to be made to the interview process for any reason including, or related to a disability or long-term health condition, then please contact your recruiter and let them know what assistance you may need. Examples of adjustments include providing a change to the format of the interview, or providing assistance when at the DWS office. This will not affect your application and your recruitment team will discuss options with you.