Manager Risk Management - IT , Asia Pacific

at  Allianz

Manager Risk Management - IT , Asia Pacific
| Risk Management | Professional | Non-Executive | Allianz Singapore | Full-Time | Permanent#LI-RS1 Entity: Allianz SE Singapore Branch
Job Purpose As the Regional IT Risk Manager (ITRM) you will be responsible for risk management oversight activities related to IT, IT outsourcing, and IT projects in a holistic manner across the region. These activities are an integral part of Allianz’s worldwide Integrated Risk & Control System (IRCS) and Non-Financial Risk Management(NFRM), comprising an annual cycle of scoping, risk & control assessments, control testing, and reporting. The responsibility includes supporting and consulting the various entities (OEs) in the region as well as reviewing and challenging the OEs’ reporting. To achieve your objectives you will be closely working with Risk in the OEs and the relevant sister functions at the regional hub in Singapore. In addition, the successful management of an " Operational Risk & ITRM Community” will contribute to your goals. Interaction with the respective Group Centre is essential to manage and relay Group expectations and ensure the regional hub’s oversight responsibilities are discharged adequately. You will be reporting directly to the Regional CRO, functionally aligned with the Regional Head of IT Strategy and Performance Management.

What you do

• Coordinate the OEs’ IT risk management activities along the annual IRCS/NFRM Cycle with the main involved functions, in particular Risk Management; Protection & Resilience; Information Security and ensure functional alignment on OE and regional level
• Ensure IT risk management, risk appetite, policies are formulated at OEs in the region to meet Allianz Group’s IT risk management requirements/expectations
• Challenge and review OEs’ results from the annual process regarding scoping and risk & control assessments
• Support control testing activities on OE level along the Control Objectives; challenge results
• Review appropriateness of relevant risk mitigation strategies and remedial actions with follow-up and escalation (e.g. AZAP Risk Committee) as needed
• Ensure adequate level of data quality in Group Risk’s IT solution OpenPages/ORGS
• Ensure a holistic view on IT related aspects as well as an uniform approach at OEs incl. best practice sharing
• Transparently communicate OE control weaknesses and discuss in the GovCC both from a Design and Operating Effectiveness perspective
• Support by offering guidance, training to improve awareness and insights for decision making/prioritization
• Present insights and conclusions of IT risk management oversight to the AZAP Governance & Control Committee and the Board-level AZAP Risk Committee
• Ensure that OEs meet all internal reporting deadlines related to IT risk management
• Collate and review of Project Risk Assessement(PRA) result at OEs and improve the PRA process
• Create and sustain strong working relationships with all relevant stakeholders on OE, regional and Group level

What you bring

• Bachelor’s Degree and above
• At least 7 years of experience in IT Risk Management in the Insurance sector, thereof at least 3 years in an IT governance or IT audit
• Experience and knowledge of Project Risk Assessment (PRA)
• Knowledge of relevant frameworks, for example COBIT2019
• Excellent English verbally and in writing; knowledge of regional language(s) an asset
• Exposure to an international working environment, preferably in a regional role
• Holder of a relevant professional qualification (risk and/or IT)
• Demonstrated senior experience in Insurance, or financial services
• Solid understanding of IT regulation and requirements and global IT risk management frameworks
• Independent working; business-minded, pragmatic and result-orientated can-do attitude; strong analytical and communication skills; assertive yet co-operative team player
• Ability to deliver high-quality results on time while working under time pressure; flexibility in task management in order to adapt to changing priorities and delegating these effectively
• Ability to build and maintain cross-departmental relationships; strong professional presence, interacting effectively with management and OE teams while taking full ownership of tasks

• Coordinate the OEs’ IT risk management activities along the annual IRCS/NFRM Cycle with the main involved functions, in particular Risk Management; Protection & Resilience; Information Security and ensure functional alignment on OE and regional level
• Ensure IT risk management, risk appetite, policies are formulated at OEs in the region to meet Allianz Group’s IT risk management requirements/expectations
• Challenge and review OEs’ results from the annual process regarding scoping and risk & control assessments
• Support control testing activities on OE level along the Control Objectives; challenge results
• Review appropriateness of relevant risk mitigation strategies and remedial actions with follow-up and escalation (e.g. AZAP Risk Committee) as needed
• Ensure adequate level of data quality in Group Risk’s IT solution OpenPages/ORGS
• Ensure a holistic view on IT related aspects as well as an uniform approach at OEs incl. best practice sharing
• Transparently communicate OE control weaknesses and discuss in the GovCC both from a Design and Operating Effectiveness perspective
• Support by offering guidance, training to improve awareness and insights for decision making/prioritization
• Present insights and conclusions of IT risk management oversight to the AZAP Governance & Control Committee and the Board-level AZAP Risk Committee
• Ensure that OEs meet all internal reporting deadlines related to IT risk management
• Collate and review of Project Risk Assessement(PRA) result at OEs and improve the PRA process
• Create and sustain strong working relationships with all relevant stakeholders on OE, regional and Group leve