Head - Information Security - IT

Head - Information Security

- Run, steer, and develop all P&R domains (Business Continuity Mgmt., IT Service Continuity Mgmt., Crisis Mgmt., Global Incident Mgmt., Information & Document Mgmt., Information Security, Outsourcing, Privacy & Data Protection and Procurement), in line with internal & external requirements, business needs, service commitments and P&R framework

- Define and implement an organizational resilience strategy, establish a comprehensive response planning, and perform and execute tests, including follow-up on global incidents and testing failures

- Develop, implement, and adhere to P&R guidelines, procedures, controls, and trainings designed to maintain P&R organization and set standards and functional rules for Services

- Ensure conformity with IT and insurance regulation as well as legal obligations and related Policies, Standards and Rules of Procedure

- Provide a comprehensive, accurate, timely and cost-effective resilience reporting and advisory service to the management in accordance with all relevant regulatory controls, leading practices,

- Identify and analyze relevant Operational Resilience (OR) processes and services to enforce establishment of all phases of the P&R lifecycle

- Coordinate and perform annual OR lifecycle, information security and other safeguarding initiatives in accordance with requirements and identify and monitor changes

- Develop a comprehensive data protection concept and ensure & monitor proper data access controls

- Review the existing and planned data collections and transactions as well as analysis of all IT applications for their conformity and compatibility with legal requirements.