CrawlJobs Logo

Information Security Risk Manager

awin.com Logo

Awin Global

Location Icon

Location:

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

As Information Security Risk Manager (f/m/d) you will own and drive Awin’s global Information Security Risk Management capability end-to-end, ensuring the business not only understands its risks but takes measurable action to reduce them. You will be accountable for embedding a strong culture of risk ownership across the organisation, proactively identifying gaps, and driving remediation through to completion. This role requires structured risk identification, assessment, and reporting whilst acting as a advisor to senior leadership and the board. It ensures that risk appetite is clearly defined, actively used in decision-making, and consistently monitored.

Job Responsibility:

  • Lead enterprise-wide risk identification and assessment across strategic initiatives, technology, and third parties. Ensure risks are prioritised and clearly articulated in business terms (financial, regulatory, reputational) to enable effective decision-making. Drive risk remediation to closure, holding risk owners accountable for delivery and escalating where progress stalls. Ensure risk management is embedded in cross-functional initiatives and considered as part of key business decisions
  • Own and maintain the Information Security Risk Register, ensuring it reflects true risk exposure, progress, and outcomes, not just status updates. Facilitate risk reviews that are focused on decisions, accountability, and measurable progress
  • Define, embed, and maintain the organisation’s risk appetite, ensuring it is actively used in both business and technology decision-making. Establish and track KPIs that measure real improvements in risk posture, not just activity
  • Provide clear, opinionated, and actionable risk insights to senior management and the board. Act as the bridge between technical and business teams, ensuring risks are clearly understood and acted upon
  • Confidently challenge and influence stakeholders to ensure risks are neither understated nor inappropriately accepted
  • Own and continuously improve Awin’s global information security risk management framework, aligned to ISO 27001 and regulatory requirements. Monitor control effectiveness, proactively identify weaknesses, and drive improvements
  • Embed risk management into business processes so that risks are considered early and proactively, rather than retrospectively
  • As the most senior member of the team, mentor and develop GRC team members, building capability in risk management and assurance. Lead horizon scanning across emerging threats, regulatory changes, and industry developments, translating these into practical risk implications and actions for the business

Requirements:

  • Proven track record of owning and delivering risk management initiatives end-to-end
  • Experience driving risk remediation across teams without direct authority
  • Strong experience presenting and defending risk positions to senior leadership and boards
  • Hands-on experience within an ISO 27001-certified ISMS environment
  • Strong knowledge of frameworks such as ISO 27001
  • Experience designing, implementing, or improving control frameworks
  • Experience with GRC platforms (e.g. Hyperproof)
  • Confident communicator (with very good English skills) - able to build relationships and challenge/influence senior stakeholders
What we offer:
  • Flexi-Week and Work-Life Balance: We prioritise your mental health and well-being, offering you a flexible four-day Flexi-Week at full pay and with no reduction to your annual holiday allowance. We also offer a variety of different paid special leaves as well as volunteer days
  • Remote Working Allowance: You will receive a monthly allowance to cover part of your running costs. In addition, we will support you in setting up your remote workspace appropriately
  • Pension: Awin offers access to an additional pension insurance to all employees in Germany
  • Flexi-Office: We offer an international culture and flexibility through our Flexi-Office and hybrid/remote work possibilities to work across Awin regions
  • Development: We’ve built our extensive training suite Awin Academy to cover a wide range of skills that nurture you professionally and personally, with trainings conveniently packaged together to support your overall development
  • Appreciation: Thank and reward colleagues by sending them a voucher through our peer-to-peer program

Additional Information:

Job Posted:
April 05, 2026

Work Type:
Remote work
Icon
Awin Global - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Information Security Risk Manager

Information Security Risk Lead

The Information Security Risk Lead is responsible for driving efforts to support...
Location
Location
Thailand , Bangkok
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s/Bachelor’s/University degree or equivalent experience in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline is preferred
  • One or more industry-recognized cybersecurity-related certifications such as CISSP, CISA, CISM, CRISC, ISO 27001
  • 6 - 10 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management / Third-party Risk Management or IT Audit, preferably with experience gained from banking / finance services industry / consultancy / control compliance or legal disciplines
  • Experience in assessing cyber regulatory compliance from BOT, SEC etc.
  • Strong understanding of International Standards/Frameworks such as: NIST, ISO 27001series, COBIT, CIS, GDPR, DORA, etc.
  • Proficient in interpreting and applying policies, standards and procedures
  • Excellent project management and organizational skills (PMP, PRINCE2, etc. is a plus)
  • Strong consultation, reporting writing and communication skills with highly proficiency in both spoken and written English and Thai
  • Thai language fluency is a must.
Job Responsibility
Job Responsibility
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Engagement with local regulators BOT, SEC, TB-CERT, Thai-CERT, MDES, NCSA, etc. on IS related matters
  • Manage regulatory exams and internal & external audits
  • Work closely with Global & Regional Information Security teams to improve processes and reduce risk, and support the IS regulatory related activities for Thailand
  • Manage internal/external resources to organize cyber-attack simulations exercise, coordinating and overseeing vulnerability, mitigation/remediation/correction action plans, and issues management process
  • Accountable for delivery of the associated remediation from regulatory assessments
  • Proficiency in preparing periodic updates / reports / presentation deck for both internal stakeholders and regulators
  • Provide timely and appropriate updates to regional and global stakeholders
  • escalate issues in a timely manner to senior management
  • Build and develop partnerships with business, IT, risk, compliance, IS, senior management staff and stakeholders
  • Fulltime
Read More
Arrow Right

Information Security Identity & Access Management Analyst

The Info Sec Prof Senior Analyst is an intermediate level position responsible f...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant Identity and Access Management experience
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential Identity and Access Management (IAM) risks and make recommendations for enhancement
  • Lead execution of IAM governance procedures, specifically focusing on non-worker identities and IAM resources
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Develop and operationalize key risk indicators for related IAM topics and governance procedures
  • Produce insights from data that are tailored to specific requirements and audiences
  • Execute meetings and communicate complex security topics and IAM standards and best practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Drive technological projects with cross-functional teams that support the expansion of IAM governance
  • Provide IAM consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining, implementing, and governing IS standards to align procedures and practices in compliance with Citi standards
What we offer
What we offer
  • Best-in-class benefits
  • Global benefits
  • Equal opportunity employer
  • Fulltime
Read More
Arrow Right

Information Security Manager

Cogoport is on a mission to bridge the $3.4 trillion Trade Knowledge and Executi...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://cogoport.com/ Logo
Cogoport
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in cybersecurity, risk management, and information security leadership
  • Bachelor's/master’s degree in computer science, Information Security, or a related field
  • Certifications: CISSP, CISM, CEH, or equivalent cybersecurity certifications (preferred)
  • Expertise in risk assessment, penetration testing, and vulnerability management
  • Hands-on experience with security tools such as SIEM (Splunk, IBM QRadar), endpoint protection, and cloud security solutions
  • Strong knowledge of zero-trust security models, identity and access management (IAM), and security operations (SOC)
  • Ability to effectively communicate security risks and strategies to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Develop and implement a comprehensive cybersecurity strategy aligned with Cogoport’s business objectives
  • Collaborating with senior leadership as the primary authority for all security-related matters
  • Oversee security governance and continuous security improvements across all business units
  • Identify, assess, and mitigate cybersecurity risks across applications, cloud infrastructure, and corporate systems
  • Conduct periodic security audits, risk assessments, and penetration testing to proactively address vulnerabilities
  • Ensure compliance with ISO 27001, GDPR, SOC 2, NIST, and other industry security frameworks
  • Develop, document, and maintain an incident response plan to manage and mitigate security breaches
  • Oversee the implementation and management of security technologies, including firewalls, IDS/IPS, SIEM, and endpoint protection
  • Monitor network traffic for anomalies and cyber threats, taking immediate action against security incidents
  • Lead incident detection, investigation, and response processes while minimizing business impact
  • Fulltime
Read More
Arrow Right

IT Risk Manager

Allianz Services is looking for highly motivated professionals to join the Techn...
Location
Location
Romania , Bucharest
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years business experience in Information Technology, ideally in the financial services branch
  • 2+ years of experience of IT Risk assessment (risk analysis, risk identification, risk estimation, risk evaluation) and/or IT Security
  • Profound knowledge of IT Risk related frameworks and standards (e.g. Allianz Functional Rule for Information Risk Management, ISO/IEC 27005, ISO/IEC 27002, COBIT)
  • Profound understanding of German and European regulatory requirements towards IT (VAIT, DORA)
  • Excellent analytical and problem solving skills
  • Excellent communication and presentation skills and proven experience with stakeholder management and C-level communication
Job Responsibility
Job Responsibility
  • Ensure proper IT risk management for AZ Entities’ IT risks (business risks, IT Operating Model risks, Information Security risks)
  • Perform review and qualified assessment of information risks with respect to all relevant IT Controls, especially the tracking and validation of implemented target measures (controls) as required for objects at risk
  • Ensure adequate risk mitigation planning and execution is performed as well as support the Business Owners in deciding on the adequate risk response
  • Monitor the responses to the Information Risks and report on their status to the COO as well as to Group Functions
  • Contribute to the regular Risk Report for the AZ SE Board of Management
  • Foster strong relationship with Risk function, ISO and other IT Risk Management teams
  • Analyze customer needs and develop innovative concepts to meet customers’ expectations
  • Ability to manage a customer portfolio, influence and steer the process as and when required
What we offer
What we offer
  • Access to counseling services, mental health resources, and well-being sessions
  • Monthly budget via the Benefit platform for personalized benefits packages including comprehensive medical subscriptions, meal tickets, private pensions plans, life insurance, Allianz Tiriac insurance discounts
  • Time off for your birthday, extra days off for each year in Allianz (up to 5), days off for legal holidays that fall on weekends, as well as 24th and 31st of December, plus special allowances to support diverse life events
  • Extensive learning curriculum with technical and soft-skills trainings, international certifications (Agile, Lean Six Sigma, Prince, ITIL, IFOA, ACCA, IACCM and more), learning resources from LinkedIn and Allianz platforms, opportunities to advance language skills (German, French, English), leadership Program
  • Performance based-rewards, team and individual recognition programs, internal referral bonuses
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Legal Third-Party Management and Information Security Risk Lead

As part of the Legal Outside Counsel, Third Party Management and Operations team...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Ability to assess residual risk in complex vendor environments and make sound defensible recommendations
  • Experience applying risk-based frameworks to prioritize issues and mitigation efforts
  • Strong interpersonal skills for engaging legal, compliance, technology, procurement and senior risk stakeholders
  • Proficiency in creating clear and concise reports dashboards and governance experience
  • Leading or supporting cross functional projects, ability to support risk transformation initiatives, and integrate evolving legal tech and regulatory guidance into assessment methodologies
  • Bachelor’s degree or equivalent
Job Responsibility
Job Responsibility
  • Manage and oversee a set of complex initiatives that span multiple lines of business in the Cyber Security (CS), Information Security (IS) and Third-Party Risk Management (TPRM) space for Global Legal Solutions
  • Assess the risks and effectiveness of Third Party IS processes and controls based on enterprise requirements ensuring the IS risk is within tolerance
  • Evaluate the design and execution of the Legal IS Program, identifies potential enhancements and drives implementation of governance, methodologies and tools required for the effective oversight of Third-Party Management IS risk to continually strengthen the Program
  • Assist the day-to-day activities within the TPM Risk and Info Sec group
  • Monitor, track and control outcomes to resolve issues, conflicts, dependencies and critical path deliverables related to issues and gaps found in the TPISA process
  • Drive implementation of enterprise Third Party Management controls required to be assessed as part of the Managers Control Assessment, reviews results, and determines if remediation actions are appropriate
  • Document control design, testing methodology, and evidence for effectiveness reviews in compliance with Citi's Risk and Control Standards
  • Contribute to quarterly control certifications, issue management processes and audit engagements
What we offer
What we offer
  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Private medical insurance packages to suit your personal circumstances
  • Fulltime
Read More
Arrow Right

Information Security Officer

Information Security Officer (ISO) is a subject matter expert for business, func...
Location
Location
Mexico , Ciudad De Mexico
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of relevant experience
  • Sound understanding of Information security domains such as Identity Access Management, Cryptography, Data Protection, Vulnerability Assessment, Single Sign-On, Multi-Factor Authentication etc
  • Knowledge of Cloud and Containers security will be of added advantage
  • Additional technical certifications are preferred
  • Demonstrated ability to research and apply current information regarding the IS field
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
Job Responsibility
Job Responsibility
  • Work directly with business, functions and technology units and relevant stakeholders to facilitate/ perform Information Security risk assessment and risk management processes to protect information assets
  • Work with business and technology management to drive the information security program and information risk management activities
  • Work with the internal Application Development teams to develop strategies and plans for improving architecture and application security
  • Provide strategic risk guidance for business and technology projects, including the evaluation and recommendation of IS controls
  • Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation
  • Participate in the evaluation and selection of applications and systems with focus on Information Security areas
  • Facilitate compliance with all Information Security policies, standards and regulations / directives as mandated by Global CISO Organization
  • Participate/provide, as required, IS awareness training programs for employees, contractors and approved system users
  • Fulltime
Read More
Arrow Right

Information Security Manager

The Information Security Manager for the KSA Business Unit will be responsible f...
Location
Location
Saudi Arabia , Khobar
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Security, Computer Science, or a related field
  • Professional certifications such as CISSP, CISM, CISA, or equivalent are highly preferred
  • Minimum of 7 years of experience in information security, with at least 3 years in a managerial role
  • Strong knowledge of KSA cybersecurity regulations, including NCA and SAMA frameworks
  • Experience in implementing and managing security controls, risk assessments, and incident response
  • Familiarity with international security standards (ISO 27001, NIST, etc.)
  • Excellent leadership, communication, and stakeholder management skills
  • Ability to work effectively in a regional and multicultural environment
Job Responsibility
Job Responsibility
  • Work closely with the Compliance function to ensure compliance with KSA cybersecurity regulations
  • Ensure adherence to and enforcement of Nextcare’s security policies and guidelines across the KSA business unit
  • Identify, assess, and mitigate security risks, ensuring appropriate controls are in place to protect sensitive information and IT infrastructure
  • Lead security incident response efforts, including investigation, containment, and reporting to relevant authorities
  • Promote cybersecurity awareness across the business unit and conduct training programs for employees
  • Assess and monitor security risks associated with vendors, partners, and third-party service providers
  • Act as the key liaison between the KSA business unit and the regional security team, providing reports on security posture, incidents, and compliance status
  • Oversee security operations, ensuring continuous monitoring, threat detection, and vulnerability management
  • Implement and manage security controls, including Antivirus & Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Proxy Solutions, Email Security, and other controls
  • Stay updated on the latest cybersecurity threats, trends, and industry best practices to strengthen the organization's security posture
  • Fulltime
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy