Head of Information Security - GRC - 10 -12 Month FTC

Role Description

Reporting to the Chief Information Security Officer (CISO), you will lead the governance, risk, and compliance (GRC) function for Information Security across Allianz UK, including the supplier assurance team. This role ensures alignment with internal frameworks, regulatory requirements, and industry standards.

Further you will be pivotal in driving the security culture of Allianz and leading our outreach and Information Security risk agenda across our supplier ecosystem.

This is a 10-12 Month Fixed Term Contract.

Key Accountabilities

Governance & Strategy

• Define and execute the InfoSec governance strategy aligned to business objectives and corporate risk appetite.
• Lead the Governance annual self‑assessment, ensuring alignment with Allianz Group expectations.
• Oversee the annual NIST, Cyber Essentials certification and PCI‑DSS attestation processes.
• Ensure compliance with Allianz frameworks (AFRIT, AFRIS, AFIRM) and UK regulatory standards.
• Develop and maintain the InfoSec control framework, integrating with AZC and AZP change governance.

Risk Management

• Own and manage the Archer GRC platform activities, including risk identification, assessment, mitigation, and reporting.
• Maintain the InfoSec risk register and ensure timely resolution of actions by risk owners.
• Provide assurance that InfoSec risks are monitored and managed across operational and change environments.
• Engage with Board Risk Committee, Compliance, and Audit to ensure InfoSec risk management is aligned with enterprise governance.

Supplier Assurance

• Oversee the information security assurance of third‑party suppliers, ensuring alignment with internal policies and regulatory requirements.
• Maintain a supplier risk assessment framework, including onboarding, periodic reviews, and exit processes in line with Group requirements.
• Ensure suppliers meet contractual InfoSec obligations and provide evidence of compliance (e.g., certifications, assessments).
• Collaborate with Procurement, Legal, and Risk teams to manage supplier‑related risks and remediation activities.
• Escalate key risks and issues to information security and OPSIT leadership as necessary.

Reporting & Assurance

• Lead the production of executive governance reporting and submissions to Allianz Group and local stakeholders.
• Deliver regular board‑level reporting on information security posture, risk trends, and compliance status.
• Act as IRCS Risk Officer for InfoSec, supporting AZC and AZP risk committees with governance MI.
• Evaluate risk mitigation and audit response plans, escalating risks beyond appetite to senior leadership.

Collaboration & Oversight

• Partner with the wider OpsIT function and the business to embed InfoSec controls across BAU and project activities.
• Ensure delivery of InfoSec quality, standards, and assurance functions with effective performance tracking.
• Monitor the effectiveness of InfoSec controls and elevate deficiencies to the CIO and senior leadership.

Technical Skills

• Lead and oversee robust IS governance & risk frameworks based on industry standards within delivery methods and processes.
• Ability to produce reports, presentations and formal papers for senior stakeholders.
• Manage comprehensive security risk catalogue with clear ownership and tracking mechanisms.
• Enhance security controls within IT delivery methods and associated processes.
• Ensure quality assurance of security elements in change projects, collaborating with Change Directors.
• Partner with CIO to maintain comprehensive security control oversight across operational environments.
• Document, test, and remediate key security controls to maintain a secure technology environment.
• Track and elevate audit findings, ensuring timely remediation of security issues.

Key Competencies

• Business‑focused security mindset with strong customer orientation.
• Adaptability to evolving threat landscape.
• Strategic relationship management across technical and business stakeholders.

Experience

• Extensive relevant experience in Information Security and risk management.
• Strong track record of Group alignment and CXO committee exposure preferred.
• Business knowledge of the insurance sector preferred.
• Consulting experience or customer‑facing sales experience preferred.
• Experience in using presentation tools to a high standard.

Desirable Skills

• Responsible AI usage.

What We Will Offer You

• Flexible buy/sell holiday options.
• Hybrid working.
• Annual performance‑related bonus.
• Contributory pension scheme.
• Development days.
• Discount up to 50% on a range of insurance products including car, home and pet.
• Retail discounts.
• Volunteering days.

At Allianz, we believe in fostering an inclusive workforce and are proud to be an equal opportunity employer. Our commitment to equal opportunities, gender equity, and balanced gender representation is demonstrated by our numerous accreditations: EDGE certified for gender inclusion, Women in Finance Charter members, Disability Confident employer, Stonewall Diversity Champion, Business in the Community's Race at Work Charter signatories and Armed Forces Covenant gold standard employer.

We embrace neurodiversity and welcome applications from neurodivergent and disabled candidates, offering tailored adjustments to ensure your success.

We encourage our employees to advocate for their needs, whether it is assistive technology, ergonomic equipment, mentoring, coaching or flexible work arrangements.

#J-18808-Ljbffr