Technology Risk Manager (f/m/d)



Barcelona, Spain
Posted on Tuesday, January 30, 2024

wefox is a world-leading insurtech company driven by a single purpose: to enable people to be safe by making insurance 10 times better through technology. Together with more than 1300 employees in 8 locations across Europe, we are on a mission to give the world easy access to digital insurance solutions.

We provide our customers with 360-degree advice through our network of advisors and optimise each individual’s risk coverage by offering innovative prevention, assistance, and insurance products. We integrate the extensive know-how built up in the individual countries and the exchange of experience to build strong expertise among the wefox technology experts in our Tech Hubs in Barcelona, Paris, and Milan.

We are looking for a Technology Risk Manager to join our Platform Technology team in Spain, reporting to the Chief Platform Officer with a matrix reporting line to the Chief Risk Officer. Your daily work will primarily focus on establishing a best in class approach for managing technology risks and driving the implementation of an automated Internal Controls System around wefox’s platform. You will work side by side with and provide guidance to a multidisciplinary and multicultural team distributed among our different offices around Europe.

In this role you will:

  • Act as the subject matter expert for Technology Risk Management and Risk Advisory business partner for the Platform Tech and Product business unit
  • Implement and continuously improve an automated Internal Control Systems framework based on international standards (e.g. ISO 27001 or CIS Critical Security Controls) and best practices, to mitigate risk exposures and in preparation for future certification
  • Monitoring of the Internal Control System, including testing using assurance data analytics tools, and related risk and audit actions
  • Engage with technology and platform product stakeholders to proactively identify risks at a granular and technical level and ensure that the platform organisation is effectively driving remediation activities and to continuously improve technology risk posture
  • Participate or lead Technology Risk initiatives and emerging risk reviews
  • Support the Chief Risk Officer and Chief Information Security Officer in all IT related risk matters

What you bring:

  • Demonstrated experience in Identifying, assessing and advising on technology risks and associated Internal Control Systems with a minimum of 4-6 years hands on experience
  • Excellent organisational, problem solving and interpersonal skills to effectively drive the Technology Risk agenda
  • Experience to driving Technology risk management in an automated manner a plus
  • Sound knowledge of maintaining, enhancing or auditing an ICS covering technology risks
  • Good technical competencies and exposure to IT application or infrastructure development, support and management processes for a modern technology stack
  • Profound know how of Technology ICS frameworks (e.g. ITIL, COBIT, ISO 27001, CIS CSC)
  • Fluency in English is mandatory, German or Spanish is a plus
  • Professional certifications a plus - CISA/CISM/CISSP/CRISC/CBCP

What we offer:

Now, we’ve gotten to the fun part, the part where you get to brag about your company, those perks your friends are so jealous of!

Here are some of them*:

  • Flexible working hours including hybrid working
  • A stack of the latest technologies and working gadgets
  • Training and Coaching opportunities
  • Free coffee, fruit and snacks, because we need fuel!

If you love a less-formal work environment, flexible paid time off, a great compensation package and benefits offering - and most of all, being the authentic you, get in touch, we want to meet you!

To all the misunderstood geniuses, rebels and mavericks looking to change the world for the better. Come work with us!

* Additional Benefits vary between countries and can be explained in more detail by a TA Partner.

Your contact person for this role is Shivani Bhardwaj

We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.

By submitting the application I confirm to have read and accepted the data privacy policy governing the job application process.