IT Risk Manager F/M

The Risk Manager will be a member of the Internal Control team and pro‑actively participate to the implementation and management of different Solvency II Pillar 2 requirements, mainly regarding the Operational Risk Management framework and the Internal Control system. He will work mainly on the monitoring and steering of the IT Risk Management. He will directly report to the Group Head of Internal Control.

The team is responsible for the assessment, monitoring and steering of the company's operational risk and control framework. Its activities include the management of operations, compliance, financial reporting, IT, and project risks.

Under the guidance of the Head of Internal Control, the IT Risk Manager will be responsible for performing IT Risk Assessment and overseeing the planning and execution of IT Controls testing. This includes the collection and review of evidence, coordination with service owners and Allianz Technology (AZ Tech) for any missing documentation, and ensuring timely delivery of IT control testing. Additional responsibilities include 2LoD oversight of IT Risk and driving enhancements to ITRM framework in response to regulatory changes.

• Perform IT Risk Vectors Assessment at AZ Trade Group level to address risks and mitigation actions.
• Lead the planning and execution of IT control testing, including evidence collection, review, and follow‑up with service owners and AZ Tech for any missing documentation.
• Manage and coordinate the delivery of IT control testing to meet agreed deadlines.
• Review and document control testing results, and collaborate with AZ Tech and service owners to agree on mitigation plans for any control deficiencies.
• Prepare control test result reports for Risk Committees (RiCos) and upload test results into ORGS.
• Drive progress on mitigation actions and follow up with AZ Tech and service owners on their execution.
• Support the enhancement of the 2nd Line of Defense (2LoD) IT Risk Management (ITRM) framework, considering regulatory expectations such as the Digital Operational Resilience Act (DORA).
• Assist in covering IT and Information Security (IS) topics in relevant Governance Committees.
• Provide support in resolving escalated IT and IS issues.
• Communicate transparently with all IT stakeholders, keeping them informed of potential issues and escalating any problems or delays.

• Fluent in English (speaking and writing)
• Knowledge of IT regulation
• Communication and delivery skills
• Capacity to teach/train/explain
• Ability to lead meeting/workshop

We stand for unity: we believe that a united world is a more prosperous world, and we are dedicated to consistently advocating for equal opportunities for all. And the foundation for this is our inclusive workplace, where people and performance both matter, and nurtures a culture grounded in integrity, fairness, inclusion and trust. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, social class, disability or sexual orientation, or any other characteristics protected under applicable local laws and regulations.

Let’s care for tomorrow.