Information Security Risk Manager
Do you have demonstrable experience in risk assessment within the financial services industry? Are you familiar with the ISO 27000 series information security standards as well as the COBIT risk and control framework?
We are looking for you to grow together!
Talent must be rewarded! This is what we offer:
- An attractive salary with a bench of extralegal advantages
- We offer you a challenging role in an international landscape (mainly Brussels/Rotterdam).
- Working in a dynamic environment at Allianz, the world leader in assistance and insurance
- A pleasant working atmosphere and a great work-life balance
- An experienced and enthusiastic team
- An engaging, analytical, social, multilingual job in a close-knit Benelux company
- Working in a brand new office in the shaddow of the North station in Brussels.
- Development opportunities and an attractive salary package supplemented with extra-legal benefits in line with your experience
This is what a Risk manager (will) do in the team:
- Manage Information risk assessment on Allianz Benelux IT applications and cloud services, managing the workflow from initiation to finalization and sign off.
- Monitor the information risk management cycle ensuring mitigation plans are followed up and re-assessment initiated
- Prepare quarterly reports on information risk for discussion and approval in information security steering board
- Implement and monitor compliance with relevant Group, local and regulatory guidelines regarding Information risk for the Allianz Benelux;
- Ensure approval and the documentation of the results into the Enterprise Governance Risk and Control tool used for information risk management (RSA Archer)
- Contribute to the planning and management cycle of the Information Security Function
We are looking for someone with the following skills/experience:
- A Master’s degree in Computer Science, IT, Information Security or equivalent educational background
- Demonstrable experience in risk assessment within the financial services industry
- Certified Information System Security Professional (ISC2 CISSP).
- At least one of the nice to have certifications (CEH, CRISC, CISA)
- Concise communication in Business English on complex issues tailored to specific audiences
- Familiar with the ISO 27000 series information security standards as well as the COBIT risk and control framework
Nice to have:
- Relevant certifications such as:
- Certified Ethical Hacker (CEH)
- Certified in Risk and Information System Control (ISACA CRISC)
- Certified Information System Auditor (ISACA CISA)
- Experience using Enterprise Governance Risk Compliance tools, in particular RSA Archer
- A good command of local languages (French and Dutch).