Regional Information Security Officer Asia

**Job Purpose/Role**

The Regional Information Security Officer (RISO) APAC is a key role within the Allianz Technology’s global IS organization. The RISO shall be responsible for oversight of the related ISMS activities, risk identification and assessment, prevention and advice to regional management as well as to the Local IS Functions with respect to the Information Security risk areas of the region, such as services provided to the Allianz-internal customers including those provided by 3rd parties. In his/her function, the RISO will be instrumental in building up and integrating IS assurance capabilities and have a direct functional reporting line to the APAC Chief Operating Officer & Chief People Officer role, as well as to the central ISO function.

**Key Responsibilities**- Oversee the regional Information Security function’s activities, including all aspects of people management, and liaise with the central Information Security Team; support the Central Information Security Function in the target setting process for local Information Security functions; track target achievement within area of responsibility;- Exchange within CTO area and support regional and local executive body in their regulatory Information Security-related governance requirements and their responsibility to set up sound organizational and operational structures and procedures;- Serve as central contact person for information security-related matters in the region, including interfaces to business, partners, customers and other safeguarding functions;- Provide information security consulting and liaison with all relevant stakeholders and regional management;- Ensure the effective implementation of Information Security principles and procedures during the full service life cycle of services offered by Allianz Technology, including those provided by external parties and outsourcing partners;- Systematically assess the effectiveness of security controls in all services provided by Allianz Technology, its partners and third-party providers;- Oversee the implementation of and compliance with Group-wide IS framework, regulatory requirements and industry security standards in all Allianz Technology services and in projects; oversee the annual compliance reporting process for local entities; assess and address deviations from security policies and contractual security provisions, as well as developing effective strategies to mitigate identified information security risks;- Regularly exchange with and contribute to the global Allianz Technology ISO community

**Key Requirements/Skills/Experience**- University degree in computer science, natural sciences etc. or equivalent professional experience;- Long track record of experience in IT, 5 years+ experience in Information Security related fields and/and or risk management;- Sound knowledge of IT security technology, architecture and processes and profound knowledge of information security management systems and relevant industry standards and control frameworks (in particular ISO270xx, COBIT2019); local regulatory standards- Professional experience with supplier management (including Cloud providers), IT outsourcing and relevant control frameworks; track record in defining and monitoring contractual information security provisions.- Proven track record in people management and/or project management in complex enterprise environments;- Ability to cope with high workload, and being able to exercise good levels of independence, judgment and initiative;- Proficient in English language, excellent international communication skills including the ability to prepare professional documentation for various audiences and senior management;- Desirable certifications: CISM/ CISSP; ISO27001 Lead Implementer/Auditor