Allianz Popular SL.
Cyber Security Expert - Testing, Vulnerability Mgmt. & Control Assurance
Allianz Popular SL., New York, New York, United States,
Cyber Security Expert - Testing, Vulnerability Mgmt. & Control Assurance
Support the Allianz Group Information Security Function to ensure that Information Security and Cyber Risks that may impact the successful delivery of Allianz business objectives are identified and properly addressed. The objective is to ensure that Allianz is adequately protected, in line with legal and regulatory requirements. This includes maintaining the Allianz Information Security strategy and overseeing Global Identity and Access Management Governance for Allianz Group.The main objectives are:- Develop an Information Security Risk Management culture within Allianz. This is achieved by maintaining a strong Information Security Risk management framework, by providing business visibility on these risks and related threats and by ensuring that plans are in place to address them.- Build strong Information Security Capabilities within Allianz and with key external partners and institutions.- Maintain a high level, practical set of policies and standards for use across the Allianz Group and all Operating Entities (OEs).- Govern and lead key global Information Security initiatives and solutions that strengthen Allianz’ cyber resilience, ensure regulatory compliance, minimize risks of data loss and cyber attacks.You will:Monitor and steering of operating entities on Group requirementsSupport the development of Key Risk Indicators for monitoring OE Cyber Risk and related local investments in Information SecurityOwn and maintain use-cases in central Information Security Management System (ISMS) reporting toolDrive communication and interaction with Allianz's operating entitiesDrive the continued development & execution of the vulnerability exposure management process, aiming for continuous improvement of the robustness of security controls of Allianz GroupPerform independent effectiveness assessments of existing security controls on behalf of the Group Information Security functionManage and steer the execution of dedicated Red Team (simulation of a potential adversary's attack or exploitation capabilities) exercises on Group level or individual OEs, including remediation retesting supportProvide global subject matter expertise in case of evaluation of recent vulnerabilities and threats, incident response or other areas (i.e. quantitative cyber risk assessment)Foster relationship with key internal and external stakeholders, including audit, risk, Group and local boardsPractical experience and certification (e.g. CISM, CISSP, CRISC) in implementing Information Security governance and management systemsExperience in the area of Vulnerability Management and Penetration Testing / Red TeamingGood technical understanding of network, infrastructure and application securitySuccessful track record in working for large and diverse international organizationsFluent English mandatory; a good command of a second major language (e.g. German, Italian, Spanish) is a plusGood track record in functional steering and monitoring in large multinational environments, leading without authorityBackground in project management, with a focus on Information Security a plusHigh quality of analytical and soft skillsAbility to communicate complex topics to key (senior) stakeholders in a clear and concise wayAbout Allianz TechnologyAllianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 12,000 employees located in 51 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.We oversee the full digitalization spectrum – from one of the industry’s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age.D&I statementAllianz Technology is proud to be an equal-opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, ethnicity and cultural background, age, nationality, religion, disability, or philosophy of life.Join us. Let´s care for tomorrow.You. IT
#J-18808-Ljbffr
Support the Allianz Group Information Security Function to ensure that Information Security and Cyber Risks that may impact the successful delivery of Allianz business objectives are identified and properly addressed. The objective is to ensure that Allianz is adequately protected, in line with legal and regulatory requirements. This includes maintaining the Allianz Information Security strategy and overseeing Global Identity and Access Management Governance for Allianz Group.The main objectives are:- Develop an Information Security Risk Management culture within Allianz. This is achieved by maintaining a strong Information Security Risk management framework, by providing business visibility on these risks and related threats and by ensuring that plans are in place to address them.- Build strong Information Security Capabilities within Allianz and with key external partners and institutions.- Maintain a high level, practical set of policies and standards for use across the Allianz Group and all Operating Entities (OEs).- Govern and lead key global Information Security initiatives and solutions that strengthen Allianz’ cyber resilience, ensure regulatory compliance, minimize risks of data loss and cyber attacks.You will:Monitor and steering of operating entities on Group requirementsSupport the development of Key Risk Indicators for monitoring OE Cyber Risk and related local investments in Information SecurityOwn and maintain use-cases in central Information Security Management System (ISMS) reporting toolDrive communication and interaction with Allianz's operating entitiesDrive the continued development & execution of the vulnerability exposure management process, aiming for continuous improvement of the robustness of security controls of Allianz GroupPerform independent effectiveness assessments of existing security controls on behalf of the Group Information Security functionManage and steer the execution of dedicated Red Team (simulation of a potential adversary's attack or exploitation capabilities) exercises on Group level or individual OEs, including remediation retesting supportProvide global subject matter expertise in case of evaluation of recent vulnerabilities and threats, incident response or other areas (i.e. quantitative cyber risk assessment)Foster relationship with key internal and external stakeholders, including audit, risk, Group and local boardsPractical experience and certification (e.g. CISM, CISSP, CRISC) in implementing Information Security governance and management systemsExperience in the area of Vulnerability Management and Penetration Testing / Red TeamingGood technical understanding of network, infrastructure and application securitySuccessful track record in working for large and diverse international organizationsFluent English mandatory; a good command of a second major language (e.g. German, Italian, Spanish) is a plusGood track record in functional steering and monitoring in large multinational environments, leading without authorityBackground in project management, with a focus on Information Security a plusHigh quality of analytical and soft skillsAbility to communicate complex topics to key (senior) stakeholders in a clear and concise wayAbout Allianz TechnologyAllianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 12,000 employees located in 51 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.We oversee the full digitalization spectrum – from one of the industry’s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age.D&I statementAllianz Technology is proud to be an equal-opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, ethnicity and cultural background, age, nationality, religion, disability, or philosophy of life.Join us. Let´s care for tomorrow.You. IT
#J-18808-Ljbffr