Risk Manager / Information Security Risk Manager

We are seeking highly-motivated individuals with professional

experience to join our team as Risk Manager

/ Information Security Risk Manager,

Risk Management .

ERGO Insurance

Pte. Ltd. is a registered general insurer regulated by the Monetary

Authority of Singapore. We are a wholly owned Singapore subsidiary

of ERGO Group AG, one of the major insurance groups in Germany and

Europe, and we are the primary insurance arm of Munich Re, one of

the leading reinsurers and risk carriers

worldwide.

www.ergo.com.sg

There

are countless good reasons to pick ERGO as an

Employer.

No matter where you are in your

career, we offer various development opportunities in all

departments at all levels.

You'll experience a

fair and open-minded culture where every employee is trusted and

valued.

We support you on your career path.

Professional development is a central part of our philosophy : we

give all our staff the opportunity to develop, both personally and

professionally.

If you have a strong passion to

succeed and aspire to join a company that can offer you an

interesting and diverse career, we look forward to meeting

you!

Requirements : To

be successful in this role, you will possess the following

experience, knowledge and skills :

Degree in Information Security, Computer Science or IT

preferred

5+ years of relevant work experience

(Information Security Officer, IT Auditor etc.)

Industry qualifications such as CRISC, CISSP, CISA,

COBIT, ITIL would be an advantage

Familiarity

with the applicable information security regulations in Singapore,

e.g., MAS TRM Guidelines, would be an advantage

Experience in working with multitude of stakeholders and

teams

Job

description

Information

Security Risk Management (50%)

Work with stakeholders to implement the ERGO Group

Information Security frameworks for the Company, including all

related policies and guidelines. There will be guidance from ERGO

Group's Information Security team.

Conduct gap

analysis with Group framework or Singapore regulatory requirements

and work with the first line to close the gaps.

Support the identification, assessment, and

prioritization of information security threats and work with

relevant stakeholders to improve controls.

Conduct / review security risk assessments and provide

guidance to asset owners in terms of protection needs analysis and

liaison with IT to ensure that these protections are

implemented.

Prepare regular updates to

management and the Segment / Group's CISO on information security

risks, mitigation actions, progress of security measures

implementation, key information security incidents, and risk

assessments.

Assess and challenge the first

line-of-defense's measures and activities and participate in

first-line projects as necessary to provide second-line-of-defence

oversight.

Work with the first line of defence

to co-ordinate and support internal and external information

security-related audits.

Be the designated

Information Security Risk Manager of the

company.

Management of

Other Risks (50%)

Assist Chief

Risk Officer (CRO) to implement an effective Business Continuity

Management (BCM) framework for the Company, including (but not

limited to) the following :

BCM -

Establish and co-ordinate with stakeholders to update the Company's

key BCM documents, e.g. the Business Impact Analysis, Business

Continuity Plan (BCP) and Emergency Management Plan

BCM - Assist in the development and execution of BCP

tests, exercises, remediation of gaps, and attestations

BCM - Carry out / organize BCM training for relevant

stakeholders

Be part of the Risk Management

function and work with the Chief Risk Officer on other risk topics

as required such as Third Party Risk Management and Operational

Risk Control System.

Contact :

career at ergo.com.sg