Information Security Officer
Sydney, NSW, AU, 2000
Hannover Rück SE
We stand as one of the leading global reinsurers, offering comprehensive coverage in both property and casualty reinsurance across every continent worldwide.
We are somewhat different
Hannover Re - more than 3,500 employees at locations all over the world.
Our strength? Connecting Power: We rely on each other.
As a reinsurer, we protect customers in the event of a claim. This requires customised, innovative solutions. Solutions that worked yesterday may be outdated tomorrow. We challenge ourselves and continuously optimise our services, advice and products. All this makes us one of the leading and most profitable reinsurance groups in the world as well as a reliable employer.
We are a major player in the Life & Health reinsurance market in Australia and New Zealand and we have the benefit of being small and nimble but with the financial backing of one of the largest reinsurers in the world. We currently have an exciting opportunity in our Life & Health subsidiary in Sydney which plays a major part in the success of Hannover Re globally.
We are seeking an Information Security Officer to join our team. The role will be a permanent position reporting directly to our Technology Governance Manager.
You can look forward to
As our Information Security Officer you will be responsible for supporting and enhancing Hannover Life Re’s information security posture. This includes ensuring adherence to regulatory and compliance obligations, conducting and reviewing ISO 27001 control testing to support certification requirements and promoting robust security controls in collaboration with internal and external stakeholders.
Duties and Responsibilities:
- Provide regular reports to the Technology Governance Manager and senior management on the status of technology and information security governance, risk assessments, compliance status and incident reports
- Regulatory and compliance
- Liaise with internal and external stakeholders to progress and develop the company’s adherence to APRA (CPS 234, CPS 230) and industry frameworks (ISO 27001, NIST) supporting the F.A.R requirements
- Governance
- Develop, update and enforce policies, procedures and standards related to information security, data protection and technology risk management.
- Work closely with Risk & Compliance and other business units to integrate security and governance practices into technology projects and business processes
- Monitor and assess the effectiveness of governance practices and controls. Recommend and implement improvements to enhance the organisation's security posture.
- Develop and maintain incident response plans and protocols. Lead and coordinate response efforts to technology and information security incidents.
- Third Party assessment
- Support the due diligence activities relating to Third Party assessment, supporting evidence assessment, Information Security risk review, technical discussions and follow-up remediation and resolution of tasks
You come equipped with
Experience & Qualifications:
- Have a passion for Information Security which has evolved over years of experience working in financial services or insurance industries with a strong understanding of Cyber risk, security landscape and incident response with the ability to explain this to the business
- Bachelor’s degree in Information Technology, Cybersecurity or a related field
- In-depth knowledge of the ISO 27001 framework and compliance assessment processes and familiarity with APRA standards, including CPS 234 and CPS 230
- Solid grasp of data protection laws, regulatory obligations and audit review practices
- Experience with risk management and vendor assessment procedures and demonstrated ability to monitor and respond to emerging cyber threats and vulnerabilities
- Strong analytical, problem-solving and organisational skills with clear and effective communication skills, both written and verbal
- Ability to engage with senior stakeholders, including Board-level Executives and skilled in relationship management and cross-functional collaboration
- Capable of working independently and as part of a team
- Experience with platforms such as Digital Guardian and UpGuard is definitely advantageous, as are professional certifications such as CISSP, CISM, CISA or CRISC
Personal Qualities:
- Strategic
- Resourceful
- Highly self-motivated
- Professional
- Versatile
- Diplomatic
It is a requirement that all applicants have unlimited rights to work in Australia i.e. must either be an Australian citizen or have permanent residency.
What do we offer you:
Are our values “Responsibility”, “Drive” and “We-Spirit” aligned with yours? We foster a culture of respect in our workplace, supporting and encouraging respectful communication and behaviours, acknowledging differences and honouring the people we interact with, taking the time to understand their needs and perspectives.
Atmosphere: You will find an international working environment with short decision channels, an open feedback culture and a sense of community shaped by mutual respect and a readiness to help.
Benefits: We value every individual and consider our people to be important to the success of our business, with each of us working together to contribute to a common success. With structured onboarding, hybrid working arrangements, EAP as well as modern offers for personal development and wellness activities, we prioritise employee wellbeing and engagement.
Prospects: You contribute your specialist and methodological expertise, and we offer you fresh input and the opportunity to further develop your potential – including room to come up with innovative ideas and act on them!
Only together can we achieve our objectives.
Would you like to find out more about Hannover Re Australia? Visit our careers site: https://www.hannover-re.com/de/local-offices/australia/career/
We not only offer a job and a title, but if you are looking for an organisation which values its people and is “Somewhat Different”, then we want to hear from YOU! All you need to do is hit apply.
No agencies please.
Tags: CISA CISM CISSP Compliance CRISC Governance Incident response ISO 27001 NIST Risk assessment Risk management Vulnerabilities
Perks/benefits: Career development Health care Wellness