Risk & Internal Control Specialist

Risk & Internal Control Specialist

We are seeking a highly skilled and experienced Risk & Internal Control Specialist to join our Risk Management function. The role entails working with both operational and information and communication technology (ICT) risk management, in addition to internal control management.

About Zurich

Zurich is one of the world’s leading insurance groups, and one of the few to operate on a global basis. Our mission is to help our customers understand and protect themselves from risk. With about 60,000 employees serving customers in more than 215 countries, we aspire to become the best global insurer as measured by our shareholders, customers and employees. We help individuals, small and medium sized companies and global corporations around the world understand and protect themselves from risk by offering a wide range of insurance products, solutions and advisory services.

Zurich Nordic offers non-life insurance for local and international business in the Nordic market. Zurich Nordic operates as a business unit of Zurich Insurance Europe AG, based in Germany, and is ultimately a part of the Zurich Insurance Group, headquartered in Switzerland.

Role Overview

In this role, you will play a crucial part from a second line of defence perspective in ensuring effective identification, assessment, and management of operational risks including ICT risks, as well as maintaining robust internal controls across our operations in Zurich Nordic. Additionally, you will be a part of the Head Office and the Group's risk network, providing you with international colleagues and points of contact.

You will be based in our Stockholm office and report to the Chief Risk Officer for the Nordics.

Key Responsibilities

• Local point of contact on ICT and internal control-related matters within Zurich Nordic, and coordinate with other Business Units, Head Office, and Group.
• Participate in maintaining and ensuring effectiveness of operational risk management and internal control integrated frameworks (ICIF).
• Implement, maintain and review 2nd line of defense ICT risk management framework, strategies and reporting in line with the Digital Operational Resilience Act (DORA) requirements.

• Facilitate self-assessments of operational risks (SAOR), conduct risk assessments, and ensure appropriate risk mitigation measures are in place.
• Coordinate the operational incident management process and follow up of responses.
• Conduct independent risk assessments of ICT risks, third-parties, systems and processes to identify potential vulnerabilities and threats.
• Oversee, monitor and challenge internal controls and actions plans in the GRC system.
• Collaborate with various departments to enhance risk awareness and promote a culture of operational and ICT risk management, and internal control.
• Provide expert advice and support to senior management and employees on operational risk including ICT risk and internal control-related matters.
• Participate in reporting on the effectiveness of operational and ICT risk management, as well as internal control, activities.

Qualifications

• Minimum of bachelor’s degree in Business Administration, Finance, Information Technology, or equivalent field.
• Proven experience in operational risk management, internal control, information security and IT risk management, preferably within the insurance industry.
• Proficiency in risk management and internal control tools, methodologies and practices.
• Proven knowledge of the DORA regulation and its requirements.

Skills and competencies

• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills (both in Swedish and English are required), as well as interpersonal abilities to work collaboratively with cross-functional teams and international colleagues.
• Relevant professional certifications are an advantage.

Why Join Us

Be part of a leading global insurance group known for its commitment to sustainability and innovation. Work in a dynamic and diverse environment with opportunities for professional growth and development. Contribute to the success of a company that values integrity, customer focus, and excellence.

Apply Now

If you are a strategic specialist with a passion for risk management and internal control, we invite you to apply for this exciting opportunity at Zurich Nordic. Join us in making a difference in the insurance industry and our customers.

Please refer your questions to CRO Johan Lindqvist at johan.lindqvist@zurich.com, +46 70 252 75 92 or Carl-Arvid Nilsson, Nordic Talent Acquisition Specialist, carlarvid.nilsson@zurich.com, +46 76 720 33 50.

You are welcome to submit your application by 28 February  2025 at latest. The selection process will run continuously, and we encourage you to submit your application as soon as possible.

#LI-HYBRID