IT RISK MANAGER

Generali is a major player in the global insurance industry – a strategic and highly important sector for the growth, development and welfare of modern societies.

Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees. Our Group aims to become the standard bearer and industry leader in the European retail insurance market, building on our existing base of 50 million retail clients, out of an overall total of 72 million.

GSS provides shared services to the Group Companies, with its Head Office in Italy, Branches in 5 European Countries and a total staff of about 1,000 people.

For the Chief Risk Officer Division we are looking for an IT Risk Manager.

The IT Risk Manager supports periodic risk campaigns, supports all departments in detailed risk analysis and supports risk analysis in strategic projects. The goal of these activities is to achieve the highest added value of risk analysis for Top Management and Customers.

The IT Risk Manager also supports the Head Office and other Group Legal Entities in the IT Risk evaluation necessary for the Group’s Internal Model. He/she gives guidance on IT Risk methodology. The goal of these activities is to reach a common and harmonized IT Risk methodology across the Group, in line with Regulators’ expectations.

Job practice domains:

  • Risk Identification, Assessment and Evaluation

  • Risk Response

  • Risk Monitoring

  • Information Systems Control Design and Implementation

  • IS Control Monitoring and Maintenance

Key activities:

  • Support the risk identification

  • Perform regular alignment with customers on shared risks

  • Perform risk analysis on selected projects

  • Support regular updates on methodologies, tools and documentation for continuous improvement

  • Support the fulfilment of existing reporting requirements

  • Perform risk scenario analysis

  • Support the regular alignment with all Legal Entities involved in IT Risk activities

  • Ensure application of state-of-the-art methodology and tools, supporting other local Risk Managers

  • Ensure alignment with Operational Risk Management methodology and activities

Key organizational relationships:

The IT Risk Manager is closely aligned with the Head of Enterprise Risk Management and with the Group Operational Risk office. He/she interacts regularly with the company’s Top Management and with Operational Risk Management of other Legal Entities.

The ideal candidate will meet the following requirements:

  • Experience in risk, compliance or audit topics

  • Experience in methodology definition and group legal entities/international branches coordination

  • Knowledge of international standards (ISO 31000, COBIT 5, ITIL v3, ISO 27001)

  • Knowledge of risk-based approaches

  • Basic project management skills

  • Effective presentation skills

  • One or more of the following professional certifications is required: CISA, CISM, CGEIT, CRISC, ISO27001 LA, COBIT 5 Foundation, CSX Fundamentals, CSX Practitioner, ITIL v3 Foundation, CIA, CRMA

Educational requirements:

  • Bachelor's degree in Computer Science, Mathematics, Statistics or a related field

  • Fluent English; additional European language(s) are a plus

Behavioural and Soft skills:

  • Strong listening and mediation/negotiation skills

  • Problem-solving and analytical skillset

  • Communication skills and ability to manage a wide array of different stakeholders

  • An untarnished reputation for integrity

  • Proactivity to drive qualitative results

  • A global mind-set