Information technology officer job description

Munich Re America Services (MRAS) is a shared service organization that delivers services to all Munich Re US P&C Companies and other group entities.

For the section "Information Technology Risk Management and Security (ITRS) Information Technology Security Office" of the central division IT, the Information Technology Security Officer (ITSO) will possess specific skills outlined below. This office focuses on providing information and cyber security leadership through the ITSO role to defined offices and/or departments throughout the Munich Re organization.
About This Role:

The ITSO is responsible for information security management in a number of defined offices and/or departments, which may or may not fall into the same geographic environment. The ITSO reports to the Head of Information Technology Security Office (ITSO) - Americas and supports specific business units that are part of Hartford Steam Boiler (HSB). The successful candidate will work closely with the Senior ITSO for HSB and support the development and implementation of Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect Munich Re. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Tasks:
Develop and maintain in depth understanding of Business Unit / processes, systems, technologies, data, customers, consumers, partners Act as the primary local security contact / adviser for the business executives and their IT, Architecture, Operations, HR, Finance, Legal and other local personnel Support the implementation of the Information Security Management System across the assigned Business Unit(s) Proactively identify nonconformity and areas of potential improvement and facilitate development of pragmatic solutions to address issues, utilizing the security assessments and observations processes Engage with clients and customers as needed to assist the business to achieve its objectives with pre and post sales activities (e.g. explain our security program, support external audits, support bids/RFP process, assist in customer communication of security incident, etc.) Participate in BU related conferences, client facing engagement, industry forums to represent the Security program Work with Incident Response and Crisis Management teams to effectively manage incidents to an acceptable resolution; assist with investigations as needed Contribute to the definition, development, and oversight of a global security management strategy and framework Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against the business Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement Adhere to, advise, oversee, monitor and enforce frameworks and methodologies that relate to technology controls / information security activities Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise Initiate training where necessary and contribute to planning and execution of awareness activities Ensure efficient flow of relevant information to the Global Head of ITSO and other stakeholders


Qualifications
Technical degree (preferably in IT) or an IT expert with outstanding knowledge of IT infrastructure and an experience of 6 - 8 years in security A solid understanding of security best practices and international standards such as ISO2700, NIST and PCI DSS Security Training and Awareness, Security Governance, and Security Incident Management knowledge & experience Knowledge and experience of Information Security Risk and Security governance and Basic knowledge of laws applicable in offices in the area of responsibility Information Security Certification / Accreditation an asset Expert knowledge of IT security and risk disciplines and practices Advanced knowledge of organization, technology controls, security and risk issues Demonstrated ability to participate in complex, comprehensive or large projects and initiatives Customer orientation, strong negotiating and problem solving skills Willingness to travel Initiative, creativity and an open mind for innovation Strong planning, organisational and presentation skills Highly result oriented and structured Very good command of Business English, both spoken and written

At Munich Re US, we see Diversity and Inclusion as a solution to the challenges and opportunities all around us. Our goal is to foster an inclusive culture and build a workforce that reflects the customers we serve and the communities in which we live and work. We strive to provide a workplace where all of our colleagues feel respected, valued and empowered to achieve their very best every day. We recruit and develop talent with a focus on providing our customers the most innovative products and services.

We are an equal opportunity employer. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal.
This position can be located in Des Moines, IA, Sioux Falls, SD, Billings, MT, and Omaha, NE.

SUMMARY
The Risk Officer is responsible for leading the Informational Technology risk oversight within the Enterprise Risk Management (ERM) group. Responsibilities include developing, implementing, maintaining, and managing Information Technology (IT) and Information Security (InfoSec) risk management functions that are aligned with regulatory expectations and corporate guidelines. The position requires sound knowledge of the financial institution landscape with a broad understanding of technology, technical process documentation and IT control/procedure identification.

The Risk Officer will proactively work with business units and IT stakeholders to assist and lead both risk and control assessment reviews and implementing ongoing monitoring and testing strategies for operational controls that meets enterprise policies and standards. This position collaborates with IT stakeholder on identifying, evaluating, mitigating, and reporting on operational IT risks. Responsible for ensuring identified controls meet compliance and regulatory requirements and aligns with and supports the risk posture of the enterprise.

ESSENTIAL DUTIES & RESPONSIBILITIES
Assists in overseeing the management of the IT risk framework; works with business stakeholders, business units and the ERM team to ensure IT/Infosec risks are appropriately identified, monitored, and assessed within established policies and regulatory best practices.Assist in leading the analysis and review of system outages to isolate key driver themes and work with IT stakeholders to formulate and address action plans. Collaborate and lead in the management of all annual IT/Infosec control assessments; review, monitor and test identified controls within assessments.Ensure the completion, review, and effective challenge for all IT/Infosec policies, standards, and procedure processes.Responsible for the early identification of any emerging technology and cyber risks; responsible for ensuring effective controls are in place to mitigate identified risks.Facilitate and lead business stakeholders through the remediation of all outstanding regulatory or audit issues; ensure identified control or process deficiencies are remediated through the design of action plans to address gaps in existing controls.Monitor and challenge IT/Infosec business continuity and disaster recovery program plans Assist risk & IT leaders with enhancing existing risk and control assessment methodologies as well as identifying development opportunities for new assessments Guide stakeholders through the design and reporting of key risk and performance indicators Assist in the effective challenge of inherent and residual risk ratings and lead the identification of and changes to strategies or regulations for assigned business units Conduct IT risk management education and training in accordance with established timelines.

EDUCATION and/or EXPERIENCE
Bachelor's degree in an IT related field or equivalent experience required.At least 5 years of banking experience in a role with a background in technical process documentation, risk, and control assessments.Deep understanding of information security industry frameworks (COSO, NIST, FFIEC).CRISC, CISM, or CISSP certifications preferred Must have excellent communication and interpersonal skills to interface with enterprise stakeholders.Must have the ability to work independently and to prioritize projects/responsibilities with strong organizational skills and attention-to-detail.

LANGUAGE SKILLS
Ability to read, analyze, and interpret common scientific and technical journals, financial reports, and legal documents. Ability to respond to common inquiries by and to effectively present information to regulators, management and/or boards of directors.

REASONING ABILITY
Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.

PHYSICAL DEMANDS
While performing the duties of this job, the employee is regularly required to walk and talk or hear. The employee frequently is required to stand and sit. The employee is occasionally required to use hands to finger, handle, or feel; reach with hands and arms; and stoop, kneel, crouch, or crawl. The employee must frequently lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision.

WORK ENVIRONMENT
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate.
**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal.

Our Mission at Allianz Technology is Leading IT with you!

Leading IT means shaping the IT agenda of Allianz, providing leading IT solutions to Allianz and showing the confidence to lead... with you.

Be the IT provider of the Allianz Group to run, optimize, transform and innovate infrastructure, applications and services together with organizational entities to co-create the best customer experience.

CIO Global Strategy & Coordination

Central for global - define, own and manage the internal IT for Allianz Technology!

Here, the main focus are our employees around the globe, to whom we want to provide a standardized IT Workplace experience!

Key Responsibilities

* IT cost control and analysing IT self-consumption
* Implementing new internal Tools and Applications
* Coordinate SW and HW updates in alignment with the Service Owner
* Prepare End User communication and conduct Demo and Training sessions
* Organize workshops with CIO SPOCs in our Branches worldwide for knowledge transfer and best practice
* Help to maintain the IT Risk framework and track control progress

Key Requirements

* Communication in English and German other languages are a plus
* Good experience with Microsoft365 (Excel, PPT, Teams, …)
* Personal initiative and acting independently
* Enjoy Teamwork
* You can start immediately and are interested in a working student position for 6 months- part time (16-20 h/week)

What do we offer you?

* A modern and open space office located in Munich
* Flexible working hours
* A student discount in our outstanding canteen
* Free LinkedIn Learning Account and many other opportunities to develop new skills
* A big student community with many options for networking
* A highly talented, dynamic and international team
* Job opportunities in a global company

Need to know

* Requirement for internship and working student positions is the enrollment in a university - or (for an internship) a gap year.
* We can only consider your application if you provide the following documents:
* Certificate of enrollment (exception gap year)
* Valid Work and residence permit (for non-EU citizens). Please check before applying if you can work with your current VISA.

Interested? Then dare to write your own story and start your career at Allianz Technology!

Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us.

We at Allianz believe in a diverse and inclusive workforce and are proud to be an equal opportunity employer. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in.

We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.

Join us. Let's care for tomorrow.