Digital Risk & Vulnerability Management Specialist (m/f/d)

98042 | IT & Tech Engineering | Professional | Non-Executive | Allianz Technology | Full-Time | Permanent

Allianz Services is proud to serve and be part of Allianz Group, one of the world's leading insurers and asset managers. Our global footprint, with more than 8800 employees located across ten countries and four continents, enables us to unlock value for our partners across the insurance value chain and deliver superior client experience within Allianz Group. At Allianz Services, we have a strong specialization in core insurance operations, shared services, business analytics, engineering, and management consulting. Our people and our trusted relationships with partners are what matter most. These are rooted in our values of compassion, integrity, and expertise and we strive to continuously evolve, improve, and deliver excellence while contributing successfully to the transformation of Allianz. Caring actively for the environment, for people, and for our customers is what makes us a great place to work and together we are shaping a better and more caring tomorrow.
Allianz Services is a company which belongs to the legal entity, Allianz Technology SE.   

Role overview

Allianz is seeking a hands-on and detail-oriented Attack Surface Management (ASM) Expert to support the continuous discovery, monitoring, and reduction of Allianz’s risk exposure. In this role, you will be responsible for identifying assets, detecting vulnerabilities and misconfigurations, and ensuring risks are addressed before they can be exploited. You will work closely with IT, security operations, and architecture teams to maintain visibility across the global environment and proactively reduce Allianz’s attack surface. This role is essential in strengthening our preventive cyber defense and enabling secure business innovation.

What you do:

• You support and follow on the following prioritization, reporting, risk registration and consequence management on managing attack surface. This includes engaging the following activities:
• Asset Discovery & Exposure Mapping: Continuously identify and map Allianz’s external-facing digital assets (domains, IPs, cloud services, applications), ensuring complete visibility into the attack surface.
• Analyse findings from ASM tools, correlate with threat intelligence and business context, and prioritize exposures based on exploitability and potential impact.
• Issue Validation & Remediation Support: Validate identified risks and exposures, work with IT, DevOps, and application owners to ensure timely mitigation and track remediation progress.
• Misconfiguration & Shadow IT Detection: Detect unapproved or misconfigured systems and services (e.g., open ports, weak encryption, unmanaged cloud services), and initiate appropriate follow-up actions.
• Documentation & Reporting: Maintain detailed documentation of findings, support reporting to management, and contribute to dashboards and KPIs that reflect ASM maturity and progress.
  Security Best Practices Advocacy: Promote awareness of ASM risks and secure deployment practices across IT and development teams, helping reduce exposure from the ground up.

What you bring:

• Higher education degree in Information Security, Computer Science, or a related technical field.
• Attack Surface Management Expertise: Proven hands-on experience in identifying, classifying, and managing external digital assets. Skilled in using ASM platforms (e.g., CyCognito, Palo Alto Cortex Xpanse, Rapid7, or similar) to detect unknown assets, misconfigurations, and exposure risks.
• Technical and Analytical Skills: Solid understanding of internet protocols, DNS, SSL/TLS, cloud infrastructure (AWS, Azure, GCP) and web application technologies. Strong ability to analyse external exposure data, correlate with threat intelligence, and recommend practical remediation actions.
• Collaboration and Communication: Ability to collaborate with IT operations, DevOps, vulnerability management, and SOC teams to support risk reduction. Effective communicator with the ability to document findings, articulate risk impact, and support mitigation efforts in a clear, actionable manner
• We highly welcome candidates with a genuine interest and affinity for Information Technology (IT) and (Generative) Artificial Intelligence (Gen)AI, as these attributes are considered valuable assets to our team. 

What we offer:

• We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad
• We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)
• From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered
• Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach

Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges is what makes us a unique employer. 
We are united by a shared commitment: to put our customers first and at the center of everything we do. Their needs inspire our thinking and guide our actions. 
Together, we can build an environment where everyone feels empowered and confident to explore, grow and shape a better future – for our customers and for the world around us. At Allianz, we stand for unity: we believe that a united world is a more prosperous world, and we are dedicated to consistently advocating for equal opportunities for all. The foundation for this is our inclusive workplace, where people and performance both matter, and where integrity, fairness, inclusion and trust are at the heart of our culture. 
 
We therefore welcome applications regardless of ethnicity or cultural Internal background, age, gender, nationality, religion, social class, disability or sexual orientation, or any other characteristics protected under applicable local laws and regulations.

Join us. Let’s care for tomorrow.

#LI-RV1