Rodeo
ResourcesPartnersSign in

Munich Re Specialty

Information Security Risk Manager

London
Posted 27 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

About Munich Re Specialty – Global Markets (MRS-GM)

At Munich Re Specialty – Global Markets (MRS-GM), it is our ambition to become the leading Primary Specialty Insurance provider, underpinned by an effective and adaptable strategy, superior products and industry leaders working in a supportive environment to achieve this.

At the heart of our success is a strong culture where people are encouraged to be present, bold and curious, allowing them to achieve their individual goals.

Information Security Risk Manager

Munich Re is seeking a highly skilled Information Security Risk Manager (ISRM) to act as the Information Security Subject Matter Expert for a number of UK entities, spanning the UK Specialty Global Markets, Life Branch and Great Lakes operations.

This is a specialist role within the Second Line of Defence teams across three entities, offering high visibility across the organisation. You will provide independent oversight, challenge, and expert guidance on Information Security and Cyber risk, working across multiple UK-regulated entities operating within a global Group structure, with dotted-line reporting into Munich Re’s Group IRM function in Munich.

You will play a critical role in ensuring robust risk management practices that align with Group standards, UK regulatory expectations, and evolving cyber threats, while influencing senior stakeholders and shaping risk decisions.

Whilst the role will collaborate with stakeholders across the organisation on a daily basis, there is no direct line management within the remit of the role.

Key Responsibilities

Information Security Risk Oversight

  • Provide independent second line oversight on Information Security and Cyber risks across UK entities
  • Review and challenge first line (IT and business) controls, risk assessments, and remediation activities
  • Monitor risk exposure and ensure timely and effective closure of control gaps

Framework & Governance

  • Drive the implementation and embedding of the Munich Re Group Information Security Management (ISM) framework
  • Ensure alignment with UK regulatory expectations (FCA, PRA, Lloyd’s) and internal policies
  • Translate regulatory and Group requirements into actionable control frameworks

Information Security Officer (ISO) Role

  • Act as the ISO for UK entities, providing risk leadership on Information Security matters
  • Serve as a trusted advisor to senior stakeholders on cyber and information risk topics

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Risk Assessment & Advisory

  • Provide Information Security risk opinions on:
    • IT and cyber initiatives, e.g. gap analyses on new regulatory requirements
    • Business change programmes
    • Third-party relationships, e.g. critical IT related service providers – working closely with TRPM experts in the wider risk teams
  • Support entity-level risk identification, assessment, and treatment planning

Incident & Resilience

  • Support management of cyber and information security incidents, providing independent risk input
  • Contribute to business impact assessments and operational resilience activities from a cyber security perspective
  • Ensure effective management of outsourcing and supplier cyber risks

Reporting & Stakeholder Engagement

  • Deliver clear, insightful reporting to feed to governance committees and senior management, including entity Exco and Board forums
  • Communicate risk exposures, trends, and key issues with clarity and impact
  • Build strong relationships across IT, Risk, Compliance and business teams

What Success Looks Like

  • Effective oversight and reduction of Information Security risk exposure
  • Strong challenge and influence over first line risk practices
  • High-quality, decision-enabling reporting to senior stakeholders
  • Robust alignment with Group and UK regulatory expectations
  • Successful navigation of a complex, multi-entity international environment

Experience & Expertise

  • Experience in Information Security / Cyber Risk / IT Risk roles
  • Strong background in Information Security frameworks (e.g. ISO 27001, NIST)
  • Experience operating in a Second Line of Defence or advisory role
  • Proven ability to provide independent challenge and constructive escalation to senior management
  • Experience in complex, multi-entity or international organisations highly desirable
  • Deep expertise in cybersecurity and information security risks
  • Broad understanding of enterprise risk management frameworks
  • Knowledge of operational resilience and third-party risk
  • Strong influencing skills with the ability to challenge constructively
  • Ability to present confidently to senior committees and leadership teams
  • Degree in Information Security, IT, Computer Science or related field (or equivalent experience)
  • Insurance or financial services experience beneficial but not essential

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

If you are excited about this role but your experience does not align perfectly with everything outlined, or you don’t meet every requirement, we encourage you to apply anyway. You might just be the candidate we are looking for!

Diversity, Equity & Inclusion

At Munich Re, Diversity, Equity, and Inclusion foster innovation and resilience and enable us to act braver and better. Embracing the power of DEI is at the core of who we are. We recognise diversity can be multi-dimensional, intersectional, and complex, so we want to build a diverse workforce that includes a wide range of racial, ethnic, sexual, and gender identities; economic and geographic backgrounds; physical abilities; ages; life, school, and career experiences; and political, religious, and personal beliefs.

Additionally, we are committed to building an equitable and inclusive work environment where this diversity is celebrated, valued, and has equitable opportunities to succeed.

All candidates in consideration for any role can request a reasonable adjustment at any point in our recruitment process. You can request an adjustment by speaking to your Talent Acquisition contact.

Learning and innovating today, striving for sustainable societies and business tomorrow

At Munich Re Specialty – Global Markets our approach to ESG is underpinned by our desire to seize business opportunities and to nurture a stimulating and inclusive work environment. Our ESG strategy aims to deliver holistic impacts across environmental, social and governance topics including supporting a number of local initiatives within our community and offering volunteering opportunities for colleagues.

Benefits

  • 25 days Annual Leave + bank holidays
  • 10% Non-contributory Pension
  • Eligibility for an Annual Bonus
  • Private Medical + Dental Insurance
  • Critical illness insurance + Life Assurance + Permanent Health Insurance
  • Wellbeing and Development Scheme + EAP + Health Assessments (subject to scheme eligibility)
  • Electric Vehicle Salary Sacrifice Scheme
  • Study & continuing Professional Development Support
  • Hybrid Working + IT Home Set-up Support

#BePresent #BeBold #BeCurious

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Information Security
Cyber Risk
IT Risk
Risk Management
ISO 27001
NIST
Regulatory Compliance
Risk Assessment
Stakeholder Engagement
Incident Management
Operational Resilience
Third-party Risk
Influencing Skills
Reporting
Advisory Skills
Business Change

Location

London, England, United Kingdom

Sign up to applySee more jobs like this