ICT Risk Manager

You will gain exposure to several international asset management companies in Europe and US, managing sophisticated strategies and different opening models.

As a member of the Operation Risk team, the candidate will be part of a structure responsible for two major areas:

Governance and steering:

• Overseeing the implementation of the ICT Risk Management Framework across the Group Asset Managers in scope, improving understanding and communication of risk and challenging how risks are managed
• Granting a sound and robust management of ICT risks borne by assets managed by Group Asset Managers and borne by the Group Asset Managers themselves, providing a consolidated view at GIH level
• Streamlining and enhancing the ICT Risk Framework, coordinating the maintenance of the ICT Risk Governance (Policies and practices) and DORA framework
• Leading the onboarding of new Group Asset Managers onto the ICT Risk Management framework
• Execution of the ICT Risk Management framework for the Group Asset Managers that have outsourced these activities to GIH
• Liaising with the main stakeholders within Group Asset Managers (IT & Security) to assess and manage ICT Risks
• Report to the Local CRO at the Group Asset Managers and to the relevant governing bodies the results of the ICT risks activities

The final candidate will perform the following activities:

Governance & steering:

• Perform monthly meetings with Group Asset Managers to monitor the execution of the ICT Risk management activities
• Consolidate on a quarterly basis the results of the ICT Risk Management activities at GIH level and report the results to GIH Risk and Control Committee
• Prepare annual consolidated reporting for GIH Board of Directors on the evolution of the ICT Risk management framework and its operating effectiveness
• Support the design, implementation and maintenance of the overall ICT Risk Management Framework
• Coordinate the Local CRO of newly acquired Group Asset Manager for the implementation of the ICT Risk framework
• Identifying and updating ICT & Cyber risk events related to business area managed
• Reviewing ICT & Cyber risk Scenarios based on its peculiarities
• Execute quantitative and qualitative risk methodologies
• Performing the economic quantification of ICT and Security Major incidents to evaluate DORA relevance
• Setting of ICT Risk Appetite Framework together with CISO and COO
• Analyzing of Operative risk tolerances quarterly evidence monitoring collected and defined mitigation actions
• Overseeing escalation process in case of hard limits breach and formalizing detailed risk evaluation
• Reviewing reports and evidence shared by IT and Security functions (e.g., Backup and restore reports, Vulnerability assessments)
• Formalizing executive reporting providing update on ICT Risk Management Framework risk evidence and key enhancements
• Formalizing and annual Reviewing ICT & Cyber Risk reports (e.g., ICT & Cyber Risk Report and IT Booklet)

Our ideal candidate will meet the following requirements:

• Bachelor's degree in Computer Science, Information Technology (or equivalent experience)
• Understanding of ICT and cyber security risks and the ability to develop and execute effective testing strategies with a good understanding of regulatory compliance requirements for the Financial Markets and Asset Management Industry
• At least 2-5 years of relevant experience within information security or cyber risk management
• Experience with ICT risk management methodologies (e.g. ISO, COBIT, NIST)
• Experience with relevant regulation (e.g. GDPR, DORA)
• Knowledge of statistical analysis and financial modeling

Generali is a major player in the global insurance industry – a strategic and highly important sector for the growth, development, and welfare of modern societies. Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees.

Generali Investments Holding (GIH) oversees the Generali Group's global Asset Management activities, GIH gathers all the Generali affiliates, acting as majority shareholder. With over 600 bn€ under management, it is one of the leading European asset managers.

Generali Investments, characterized by an innovative product offering and significant geographical diversification, supports the acceleration of our Group's Investments and Asset Management strategy. The Generali Investments Ecosystem is spread across the world, allowing us to strengthen our knowledge of multiple markets and significantly improve the service rendered to our customers.