Cyber Security Expert - Testing, Vulnerability Mgmt. & Control Assurance
Allianz
Support the Allianz Group Information Security Function to ensure that Information Security and Cyber Risks that may impact the successful delivery of Allianz business objectives are identified and properly addressed. The objective is to ensure that Allianz is adequately protected, in line with legal and regulatory requirements. This includes maintaining the Allianz Information Security strategy and overseeing Global Identity and Access Management Governance for Allianz Group.
The main objectives are:
• Develop an Information Security Risk Management culture within Allianz. This is achieved by maintaining a strong Information Security Risk management framework, by providing business visibility on these risks and related threats and by ensuring that plans are in place to address them.
• Build strong Information Security Capabilities within Allianz and with key external partners and institutions.
• Maintain a high level, practical set of policies and standards for use across the Allianz Group and all Operating Entities (OEs).
• Govern and lead key global Information Security initiatives and solutions that strengthen Allianz’ cyber resilience, ensure regulatory compliance, minimize risks of data loss and cyber attacks.
You will:
- Monitor and steering of operating entities on Group requirements
- Support the development of Key Risk Indicators for monitoring OE Cyber Risk and related local investments in Information Security
- Own and maintain use-cases in central Information Security Management System (ISMS) reporting tool
- Drive communication and interaction with Allianz's operating entities
- Drive the continuted development & execution of the vulnerability exposure management process, aiming for continuous improvement of the robustness of security controls of Allianz Group
- Perform independent effectiveness assessments of existing security controls on behalf of the Group Information Security function
- Manage and steer the execution of dedicated Red Team (simulation of a potential adversary's attack or exploitation capabilities) exercises on Group level or individual OEs, including remediation retesting support
- Provide global subject matter expertise in case of evaluation of recent vulnerabilities and threats, incident response or other areas (i.e. quantitative cyber risk assessment)
- Foster relationship with key internal and external stakeholders, including audit, risk, Group and local boards
Your skills:
• Practical experience and certification (e.g. CISM, CISSP, CRISC) in implementing Information Security governance and management systems
• Experience in the area of Vulnerability Management and Penetration Testing / Red Teaming
• Good technical understanding of network, infrastructure and application security
• Successful track record in working for large and diverse international organizations
• Fluent English mandatory; a good command of a second major langugage (e.g. German, Italian, Spanish) is a plus
• Good track record in functional steering and monitoring in large multinational environments, leading without authority
• Background in project managment, with a focus on Information Security a plus
• High quality of analytical and soft skills
• Ability to communicate complex topics to key (senior) stakeholders in a clear and concise way
Your benefits:
- We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad
- We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)
- From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered
- Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach
About Allianz Technology
Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 12,000 employees located in 51 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.
We oversee the full digitalization spectrum – from one of the industry’s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age.
D&I statement
Allianz Technology is proud to be an equal-opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, ethnicity and cultural background, age, nationality, religion, disability, or philosophy of life.
Join us. Let´s care for tomorrow.
You. IT
45721 | Ingeniería informática y tecnológica | Profesional / Senior | Non-Executive | Allianz Technology | Jornada completa | Indefinido