DWS - Cybersecurity Vulnerability Management Lead (m/f/d)

Job Description

About DWS: At DWS, we’re capturing the opportunities of tomorrow. You can be part of a leading, client-committed, global Asset Manager, making an impact on individuals, communities, and the world.

Join us on our journey, and you can shape our transformation by working side by side with industry thought-leaders and gaining new and diverse perspectives. You can share ideas and be yourself, whilst driving innovative and sustainable solutions that influence markets and behaviours for the better.

Every day brings the opportunity to discover a new now, and here at DWS, you’ll be supported as you overcome challenges and reach your ambitions. This is your chance to lead an extraordinary career and invest in your future.

About the Team

Our CISO Team is looking for an experienced Cybersecurity Vulnerability Management Lead (Functional Role Title: Information Security Officer (m/f/d)) who will be responsible for overseeing and driving the enterprise-wide vulnerability management strategy within DWS. This role involves identifying, assessing, prioritizing, and governing remediation of security vulnerabilities to protect the organization’s critical assets, data, and infrastructure. The successful candidate will work cross-functionally with technology, security, and business teams to implement best practices, governance, and automation to enhance the company’s cybersecurity posture.

Your key responsibilities:

• Develop, implement, and oversee the cyber vulnerability management program aligned with regulatory requirements, industry best practices, and company policy
• Define and maintain vulnerability management procedures for DWS, in line with group policy
• Collaborate with Cybersecurity, Technology, and Business teams to ensure efficient vulnerability remediation across infrastructure, cloud environments, third-party vendors, and applications
• Partner with Threat Intelligence and Incident Response teams to assess real-world exploitation risks and inform response strategies
• Develop and track KPIs and KRIs to measure program effectiveness and provide reporting to senior leadership and risk committees

Your skills and experience:

• Strong understanding of vulnerability management frameworks (e.g., CVSS, MITRE ATT&CK, NIST, CSF, OWASP)
• Hands-on experience with vulnerability scanning tools (e.g., Tenable Nessus, Qualys, Rapid7) and SIEM platforms (e.g., Splunk, Microsoft Sentinel)
• Familiarity with cloud security in GCP, including native security tools
• Knowledge of secure coding practices and DevSecOps principles, including CI/CD pipeline integration for automated security testing
• Experience with threat modeling, penetration testing, and red teaming methodologies
• Ability to work independently and as part of a team
• Ability to work with some level of ambiguity in a dynamic environment, and manage multiple priorities
• Excellent communication and documentation skills
• Strong analytical and problem-solving skills
• Fluent in English (written and spoken)

What we’ll offer you:

At DWS, we prioritize your health, happiness, and recognition. You’ll have access to benefits tailored to your lifestyle, including healthcare, company perks, and retirement plans.

• Health and Well-Being benefits, including statutory health insurance, sickness benefits, and support helplines
• Family-friendly benefits, including parental leave and childcare support
• Pension plans, personal budget accounts for sabbaticals or early retirement, and capital-forming benefits
• Support for CSR initiatives, including donations and volunteering opportunities
• Hybrid working model promoting flexibility between office and remote work, with arrangements discussed during the application process

Additional Information

If you require adjustments to the interview process due to disability or health conditions, please contact your recruiter for support options.