Group IT Security Manager

Body

Our organisation

Ageas is a listed international insurance Group with a heritage spanning of 200 years, offering Retail and Business customers Life and Non-Life insurance, and is also engaged in reinsurance activities.

As an international insurance company, Ageas concentrates its activities in Europe and Asia through a combination of wholly owned subsidiaries and long-term partnerships with strong financial institutions and key distributors.

Ageas ranks among the market leaders in the countries in which it operates. It represents a staff force of about 50,000 people and reported annual inflows of over EUR 17 billion in 2023.

Ageas aims to be a Great place to Grow for all its people, while always staying true to its four values: care, share, deliver and dare. It fosters an inclusive culture, that values diversity and encourages everyone to get the best out of their talents.

Ageas has been re-certified as Top Employer in 2024.

Department

Activities covered by the team of Group Technology Development and Group Purchasing are Corporate  Center IT coordination & operations, Group Applied Technology, Data & Artificial Intelligence, Data Management, Group Procurement and Group Synergies Creation Initiatives.

 

The department is in charge of managing the IT of the Corporate Center (~200 people), the Ageas Group headquarters, and developing group initiatives. These Group initiatives including the 13 countries where Ageas is active are twofold : on one hand developing synergies by delivering group assets developed once and reused multiple times in Group companies, and on the other hand make sure IT risks are managed adequately across the Group.

 

To strengthen the team, we are looking for a Group IT Security Manager. 

 

The Group IT Security Manager is responsible for implementing the group's information security framework, with a focus on IT security, within Ageas's Corporate Center and facilitating its adoption across Ageas companies. This role, operating in the 1st line, focuses on determining and implementing the "how" of IT security through procedures, tools, and role definitions, working closely with the Group CISO, who defines the "what." The manager's responsibilities also include IT Security Operations and Reporting for the Corporate Center and managing group assets to create synergies across the organization. The Group IT Security Manager reports to the Technology Development & Procurement Group Director.

 

Your role

 

The Group IT Security Manager will be responsible for the following activities at the Group level:

• Translate Information Security group policies framework (the WHAT) into operational procedures (the HOW).
  • Define a security architecture addressing the selection of technologies, required competencies, necessary process with roles & responsibilities, and governance.
  • This translation is jointly developed in alignment with Ageas companies IT Security organization, and with the support of the (Group-)CISO’s.. It is ultimately materialized by a group implementation plan involving Ageas companies for local implementation and operations;
• Facilitate the implementation and actively manage the Group Information Security assets by :
  • Driving the selection of partners for implementation and/or operations of the Group security assets (solutions and/or services), including Business Risk Assessments of selected solutions and/or services;
  • Actively managing Group suppliers and challenging suppliers on service quality and level of services to ensure value/quality for money ;
  • Managing the contribution of Ageas companies in Group assets development / implementation initiatives, and in operational activities linked to Group solutions & services ;
  • Driving and/or supporting recurrent Ageas companies security posture assessment or testing to seek continuous improvements on IT Security defense solutions ;
• Consolidate a view on Ageas companies portfolio of IT Security projects to identify potential synergies by Group initiatives for Group assets development : deliver better, faster, cheaper.
• Consolidate reporting / dashboard of Ageas companies on Cybersecurity operations delivery (Cybersecurity operational KPI’s & KRI’s) and assessment/audit outcomes in collaboration with Group-CISO, and follow-up on action plans ;
• Report on major (Group) IT security incidents ;
• Provide advisory services, guidance and organize knowledge sharing by and for Ageas companies on Cybersecurity improvement plans, best practices, tests & assessments & audits results
• Lead the community of Ageas companies heads of IT Security and SME’s on Cybersecurity (Group) initiatives and sharing of practices ;
• Present Group & Ageas companies cybersecurity program status reports & posture to Group Senior Management ;
• Maintain an understanding of industry trends, emerging cyber threats, and new solutions which may impact the environment, and share with the community of Ageas companies CISO’s and IT Security heads of and SME’s.

In addition, the Group IT security Manager will be responsible for the following activities at the Ageas Corporate Center level:

• Leads ISO27K (re-)certification program and the required continuous improvements ;
• Act as SPOC for IT security assessments of Corporate Center by 2^nd and 3^rd lines of defense ;
• Propose and lead IT security program/projects;
• Organize, plan & (partly) execute IT Security activities;
• Participate in the Corporate Centre Information Security Office, which facilitates embedment of the Ageas Information Security Framework within the Ageas Corporate Center ;
• Oversee security activities such as access control, incident management, alerting, response, forensics, and reporting ;
• Validate Ageas Corporate Center projects/solution from an IT Security point of view via Business Risk Assessments ;
• Align with Group CISO in charge of the Information Security 2^nd level of control, on adherence to (Group) security policies.

Your profile

• Experience of minimum 10 years in Cybersecurity management roles
• Strong analytical skills and experience in Cybersecurity Management
• Relationship-building and influencing skills (including with senior management)
• Communication and presentation skills
• Drive, ownership, and proactivity
• High quality standards
• Collaborative mindset
• Able to take on an advisory role towards entities of the Group
• Autonomous in organizing and prioritizing own work in line with management guidelines
• Resilience
• Curiosity and eagerness to learn and share
• Excellent English oral and written communication skills

Our offer?

• The possibility of (maximum 50%) home working;
• A dynamic, multicultural working environment;
• An interesting and extensive salary package (including meal vouchers, eco vouchers, hospitalization, disability and group insurance, additional child benefit, mobile allowance and intervention in the internet reimbursement, ...);
• The possibility to optimize part of your salary package through a flexible income plan;
• A corporate culture where you are encouraged to share your views and opinions;
• A flat organizational structure with close collaboration and communication with management and cross departments;
• A company car with charging card;
• An extensive range of learning & development opportunities through our online learning platform;
• The opportunity to further develop yourself and to be part of a great team at a Top employer in Belgium.