Information Security Senior Risk Officer

Are you experienced in Information Security risk and looking for a new role in a growing team - fantastic, we have something that might pique your interest The role can be based either in Guildford or Bournemouth.

At Allianz, we are at an exciting and pivotal moment following the acquisition of the LV= General Insurance Group and the General Insurance division of Legal & General, elevating us to the second biggest general insurer in the UK. As part of this growth, we are continuing to invest in Information Security, and as such, we are now looking for talented, ambitious, and passionate Information Security professionals to join us on our journey to build a ‘Best in Industry’ team which sets the gold standard within the Allianz Group.

As the Information Security Senior Risk Officer, you will play a key part in the identification and management of Information Security Risk across the entire business. As a member of the Allianz UK/LVGI Information Security function, you will play a key part in keeping Allianz and LVGI safe and secure, as well as having access to our training and development opportunities, and exposure to the Group frameworks, expertise, and global opportunities.

This role would suit someone with an Information Security, IT, Risk, Consulting or Audit background and is familiar with Information Security risk assessment and management using a best practice framework. The more curious, detail orientated, and organised, the better

**Responsibilities**
- Reporting to the Information Security Risk Principal, this role based in Guildford or Bournemouth.
- Work with IT and Information Security Risk and Compliance colleagues to identify, govern, and manage Information Security risks
- Collaborate with project and business personnel to complete risk assessments for change activities
- Ensure the Allianz Group Information Risk Management framework is implemented
- Take ownership of key controls to ensure alignment with Information security requirements
- Ensure residual risks are identified, documented and managed through the information security risk management framework.
- Ensure risk acceptances and mitigation plans are in place as appropriate, with business sign off, and proactive management of risk governance
- Be responsible for refining and improving reporting, at a business and divisional level, including aggregation of risks
- Identify and implement continuous improvement activities for risk management processes across the wider Information Security function
- Establish and maintain relationships across the business and Group
- Work collaboratively with the wider Information Security team
- Educate all personnel on information security requirements

**Skills & Experience**:

- The ability to align risk processes across a regulated or complex business
- A strong technical understanding of Information Security key control development and continuous improvement approaches
- Experience in process improvement and implementation, including behavioural change
- Able to build relationships and work collaboratively with colleagues in IT and a shared service provider for effective and efficient process delivery and improvement
- Working knowledge of the breadth of Information Security aspects, including business continuity, physical security and data protection

**Highly Desirable Skills and Experience**
- Hands on experience of a Governance, Risk, and Compliance tool (i.e. Archer or equivalent)
- Able to translate Information Security and IT risk language into business language
- Able to build and main relationships and influence key stakeholders across the business
- A creative and analytical mind with good customer interfacing and excellent communications skills
- Management of Risk Practitioner or equivalent qualification