Information Security Manager
BARCELONA, B, ES, 08009
Allianz
As an international financial services provider, Allianz offers worldwide products and solutions in insurance and asset management.Support the Allianz Group Information Security Function to ensure that Information Security and Cyber Risks that may impact the successful delivery of Allianz business objectives are identified and properly addressed. The objective is to ensure that Allianz is adequately protected, in line with legal and regulatory requirements. This includes maintaining the Allianz Information Security strategy and overseeing Global Identity and Access Management Governance for Allianz Group.
The main objectives are:
• Develop an Information Security Risk Management culture within Allianz. This is achieved by maintaining a strong Information Security Risk management framework, by providing business visibility on these risks and related threats and by ensuring that plans are in place to address them.
• Build strong Information Security Capabilities within Allianz and with key external partners and institutions.
• Maintain a high level, practical set of policies and standards for use across the Allianz Group and all Operating Entities (OEs).
• Govern and lead key global Information Security initiatives and solutions that strengthen Allianz’ cyber resilience, ensure regulatory compliance, minimize risks of data loss and cyber attacks.
You will:
- Monitor and steering of operating entities on Group requirements
- Support the development of Key Risk Indicators for monitoring OE Cyber Risk and related local investments in Information Security
- Own and maintain use-cases in central Information Security Management System (ISMS) reporting tool
- Drive communication and interaction with Allianz's operating entities
- Drive the continuted development & execution of the vulnerability exposure management process, aiming for continuous improvement of the robustness of security controls of Allianz Group
- Perform independent effectiveness assessments of existing security controls on behalf of the Group Information Security function
- Manage and steer the execution of dedicated Red Team (simulation of a potential adversary's attack or exploitation capabilities) exercises on Group level or individual OEs, including remediation retesting support
- Provide global subject matter expertise in case of evaluation of recent vulnerabilities and threats, incident response or other areas (i.e. quantitative cyber risk assessment)
- Foster relationship with key internal and external stakeholders, including audit, risk, Group and local boards
Your skills:
• Practical experience and certification (e.g. CISM, CISSP, CRISC) in implementing Information Security governance and management systems
• Experience in the area of Vulnerability Management and Penetration Testing / Red Teaming
• Good technical understanding of network, infrastructure and application security
• Successful track record in working for large and diverse international organizations
• Fluent English mandatory; a good command of a second major langugage (e.g. German, Italian, Spanish) is a plus
• Good track record in functional steering and monitoring in large multinational environments, leading without authority
• Background in project managment, with a focus on Information Security a plus
• High quality of analytical and soft skills
• Ability to communicate complex topics to key (senior) stakeholders in a clear and concise way
Your benefits:
- We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad
- We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)
- From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered
- Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach
About Allianz Technology
Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 12,000 employees located in 51 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.
We oversee the full digitalization spectrum – from one of the industry’s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age.
D&I statement
Allianz Technology is proud to be an equal-opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, ethnicity and cultural background, age, nationality, religion, disability, or philosophy of life.
Join us. Let´s care for tomorrow.
You. IT
45721 | Ingeniería informática y tecnológica | Profesional / Senior | Non-Executive | Allianz Technology | Jornada completa | Indefinido
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security CISM CISSP Compliance CRISC Governance IAM Incident response ISMS IT infrastructure Monitoring Pentesting Red team Risk assessment Risk management RMF Security strategy Strategy Vulnerabilities Vulnerability management
Perks/benefits: Career development Equity Flex hours Health care Parental leave Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs