ICT / Operational Risk Manager (m/f/x)
München, DE, 81677
About us:
The world around us is changing rapidly and so is the insurance industry. Now’s the right time to make a bold move and shape the future of insurance – this is Allianz Direct! As a pan-European online insurer of the Allianz Group, launched in 2019, Allianz Direct is on a mission to become the most customer-oriented and efficient insurer on the market. Allianz Direct is truly changing the face of insurance, in customer experience, and in technology, processes, people and culture.
An international team of business experts and engineers who live and breathe an agile way of working is seeking to improve and change the way you do insurance. Driven by customer obsession and love for data, Allianz Direct strives to deliver an exceptional experience with a personal touch.
So, what makes Allianz Direct so unique? We believe in the power of simplicity and convenience and by doing so we have managed to set new standards when it comes to online insurance.
Job Summary
The ICT / Operational Risk Manager is a key member of the Allianz Direct Risk Management team, with a primary focus on ICT (Information & Communication Technology) and broader non-financial risks. In this role, you design, implement, and maintain state-of-the-art frameworks, policies, and tools to identify, assess, monitor, and mitigate ICT and operational risks across all Allianz Direct entities.
You provide independent oversight and challenge to the first line of defence, ensuring risk management practices are aligned with Allianz Group standards, regulatory requirements (including DORA), and our defined risk appetite. By turning complex risk information into clear, decision-ready insights, you directly support the resilience, security, and strategic ambitions of Allianz Direct’s digital business model.
You will collaborate closely with IT, Cybersecurity, Operations, Group functions, and senior management, contributing to a strong risk culture and continuous improvement of our non-financial risk management.
Key Responsibilities
ICT & Non-Financial Risk Framework
• Implement, maintain, and continuously enhance a state-of-the-art ICT and non-financial risk management framework across Allianz Direct, ensuring alignment with Allianz Group standards, regulatory requirements, and industry best practices (e.g. DORA).
• Provide independent oversight and challenge to ICT risk management activities across the organisation, ensuring that mitigation strategies are effective and consistent with the defined risk appetite.
• Support first line functions in identifying ICT and operational risks, defining key controls, and embedding risk and control assessment (RCA) processes in their daily operations.
• Contribute to the simplification and standardisation of ICT and non-financial risk processes and documentation, ensuring scalability in a digital, international environment.
Risk Assessment, Controls & Issue Management
• Support the business in identifying ICT and operational risks, designing controls, formulating action plans, assigning owners, setting deadlines, and validating outcomes with risk owners.
• Perform quality assurance on RCAs, control documentation, and control testing results, providing expert guidance and constructive challenge.
• Monitor the execution of action plans for issues raised by risk owners, internal audit, external audit, or regulators; escalate material delays or deficiencies to the Risk Committee and senior stakeholders where appropriate.
• Identify and promote best practices in internal controls and support the definition and implementation of risk remediation and development plans.
Reporting, Governance & Stakeholder Management
• Independently report on ICT and non-financial risks, including the effectiveness of related controls and remediation actions.
• Prepare high-quality, management-ready risk reports and dashboards, supporting the Chief Risk Officer in reporting to the Board of Management, senior management, and relevant committees.
• Represent Allianz Direct’s Risk Management function in relevant committees, meetings, and risk assessment workshops, analysing risks, offering constructive challenge, and bringing forward new ideas.
• Interact with Allianz Group functions, local supervisory authorities, internal audit, and external auditors on ICT and operational risk topics, ensuring transparent and consistent communication.
Risk Culture, Training & Continuous Improvement
• Prepare and deliver local entity training sessions, awareness campaigns, and communication materials to further strengthen ICT and non-financial risk awareness and risk culture within Allianz Direct.
• Proactively identify opportunities to improve risk management processes, tools, and reporting, challenging the status quo and promoting a culture of continuous improvement.
• Support cross-functional initiatives related to ICT resilience, cybersecurity, and operational risk, ensuring that risk considerations are well integrated into strategic and operational decisions.
• Foster collaboration and knowledge sharing within the Risk Management team and with other functions, promoting a learning-oriented environment.
Required Experience & Qualifications
• Master’s or Bachelor’s degree in Economics, Business Administration, Risk Management, Information Security, or a comparable field.
• Minimum of 3 years of professional experience in ICT risk management, cybersecurity, or operational risk, preferably in the financial services or insurance industry.
• Experience in risk assessment, issue/impact analysis, and the preparation of concise, executive-level risk reports.
• Basic understanding of the Solvency II framework, particularly Pillar II; familiarity with ICT-related regulations and standards (e.g. DORA, ISO 27001, NIST) is an advantage.
• Fluent in English (written and spoken); German or another European language is an advantage.
• Strong team player with effective communication skills and the ability to work independently, take initiative, and manage multiple topics in an international, cross-functional environment.
Technical Skills (Mandatory)
• Practical experience with ICT and operational risk management methodologies, including risk and control assessments (RCA), key risk indicators (KRIs), and issue management.
• Understanding of ICT and cybersecurity risk domains (e.g. access management, data protection, IT operations, incident management, business continuity).
• Solid MS Office skills (Excel, PowerPoint, Word), including the ability to create clear, management-ready presentations and reports.
• Familiarity with GRC (Governance, Risk & Compliance) tools or other risk management platforms used to document and track risks, controls, and actions.
• Basic knowledge of relevant regulatory and industry frameworks for ICT and non-financial risk (e.g. DORA, Solvency II Pillar II, internal policies and standards).
Leadership & General Skills (Mandatory)
• Strong stakeholder management skills with the ability to engage, influence, and constructively challenge business and IT counterparts at different levels.
• Clear and confident communication style, able to explain complex ICT and risk topics in an understandable, business-oriented way.
• Entrepreneurial and change-oriented mindset, with a high level of initiative and willingness to challenge existing practices and drive improvements.
• Structured, self-motivated, and solution-oriented working style, with strong organisational skills and the ability to prioritise in a dynamic environment.
• Collaborative mindset, committed to knowledge sharing, supporting colleagues, and contributing to a strong risk and control culture.
99654 | Risk Management | Professional | Allianz Direct | Full-Time
Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us.
We at Allianz believe in an inclusive workforce and are proud to be an equal opportunity employer. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.
Join us. Let's care for tomorrow.
Note: Having different strengths, experiences, perspectives and approaches is an integral part of Allianz’s company culture. One means to achieve diverse teams is a regular rotation of Allianz Executive employees across functions, Allianz entities and geographies. Therefore, the company expects from its employees a general openness and a high motivation to regularly change positions and collect experiences across Allianz Group.