Job Description:

About DWS

DWS Group (DWS) with EUR 833bn of assets under management (as of 30 September 2024) aspires to be one of the world's leading asset managers. Building on more than 60 years of experience, it has a reputation for excellence in Germany, Europe, the Americas and Asia. DWS is recognized by clients globally as a trusted source for integrated investment solutions, stability and innovation across a full spectrum of investment disciplines.

We offer individuals and institutions access to our strong investment capabilities across all major liquid and illiquid asset classes as well as solutions aligned to growth trends. Our diverse expertise in Active, Passive and Alternatives asset management – as well as our deep environmental, social and governance focus – complement each other when creating targeted solutions for our clients. Our expertise and on-the-ground knowledge of our economists, research analysts and investment professionals are brought together in one consistent global CIO View, giving strategic guidance to our investment approach.

DWS wants to innovate and shape the future of investing. We understand that, both as a corporate as well as a trusted advisor to our clients, we have a crucial role in helping navigate the transition to a more sustainable future. With approximately 3,900 employees in offices all over the world, we are local while being one global team. We are committed to acting on behalf of our clients and investing with their best interests at heart so that they can reach their financial goals, no matter what the future holds. With our entrepreneurial, collaborative spirit, we work every day to deliver outstanding investment results, in both good and challenging times to build the best foundation for our clients' financial future.

The Team

DWS has an obligation to ensure that external parties providing services to or on behalf of DWS implement the same standards of physical security as DWS when storing or handling confidential or strictly confidential data. The Third-Party Security Risk Management Specialist role is to ensure that DWS confidential information is protected. If local laws or regulations establish a higher standard than provided here, third party vendors must comply with such laws, regulations or standards.

DWS - Third-Party Security Risk Management Specialist (m/f/d)

Responsibilities:
• Conducting Security Third Party assessments (including physical controls) as part of the overall VRM process covering defined Physical Security requirements
• Identification of gaps against control framework and evaluation of the criticality
• Describing risks related to identified gaps
• Development of potential action plans to remediate the gaps based on industry best practices and defined Physical Security requirements
• Performing Gap Analysis of Third Party Security implementations against control standard
• Constant communication with involved stakeholders (inside and outside)
• Continuous improvement of internal processes (especially for assessing third parties on Physical Security aspects)
• Providing guidance to stakeholders outside the team
• Supporting the team to improve the overall control framework (e.g. new controls, enhancement of existing controls)

Knowledge and Experience:
• Degree in IT, security management, business informatics or similar
• Several years' experience in financial industries and / or physical security- / risk management
• Experience in IT Security and Physical Security (both technical and organizational controls) Understanding of asset management industry and services to be able to evaluate impact of security risks is beneficial
• Solid understanding of Risk Management principles
• Proven experience with Information Security Standards (e.g. ISO27001, )
• Relevant certification e.g. CISSP, CISA, ISO27001 Lead Auditor would be preferred
• Understanding of current industry and agency standards, best practices, and/or frameworks i.e.: NIST, ENISA, ISO27001, SOC2, SoX, PCI, MITRE ATT&CK etc.