Senior IT Risk Officer
About the role
This is an opportunity to shape how a global insurance and reinsurance leader engages with complex IT operations, regulatory expectations, and technology risk across multiple jurisdictions. As a Senior IT Risk Officer at Munich Re, you will work at the intersection of technology, audit, regulation, and executive decision-making, helping ensure audit outcomes are accurate, risk-based, and aligned to a strong control environment.
Responsibilities
- serve as the central point of contact for internal and external IT audits, IT-related regulatory questionnaires and inspections
- Coordinate and support the end-to-end coordination of IT audits; this includes, but is not limited to, coordination with relevant stakeholders during the audit phases preparation, fieldwork (especially supporting delivery of evidence), reporting, and follow-up & monitoring
- Support audit discussions by helping ensure conclusions are fact-based, risk-aligned, and reflective of the underlying control environment
- Prepare clear reporting and executive-ready materials for senior stakeholders, executive management, Service Review Meetings, and other governance forums
- Maintain and enhance audit-related registers, measures tracking, issue follow-up, and documentation practices
- Apply a risk-based approach to prioritize competing requests, identify areas of highest impact, manage audit scope and timelines, support evidence quality, and keep stakeholders informed throughout the audit lifecycle
- Anticipate audit risks, scope changes, stakeholder challenges, and downstream impacts, and escalate thoughtfully with practical options and recommendations
- Contribute to initiatives that strengthen audit coordination, reporting, governance routines, and leadership visibility across the IT Risk and Compliance function
- Provide practical advice on IT audit, regulatory, and compliance requirements across financial services, insurance, and technology risk domains
- Identify opportunities to strengthen stakeholder readiness, training, templates, and guidance for IT teams involved in audit and regulatory activities
Requirements
- 8+ years of experience in IT audit, IT compliance, technology risk management, or a related field, ideally within insurance, reinsurance, banking, financial services, or another highly regulated environment
- Degree in Computer Engineering/IT, Business Administration, or long-standing experience in the area of IT controls
- Strong understanding of IT audit practices, IT governance frameworks, technology controls, regulatory expectations, and audit evidence requirements
- Experience coordinating or leading complex internal, external, or regulatory IT audits from planning through execution, reporting, remediation follow-up, and closure is preferred
- Familiarity with financial services and insurance regulations within North America, including those from NYDFS, OSFI, and NAIC
- Excellent written and verbal communication skills, with the ability to tailor messages for technical, business, and leadership audiences
- Proven ability to engage confidently with senior stakeholders, executive management, auditors, regulators, and cross-functional teams
- Demonstrated sound professional judgment, including the ability to make risk-based decisions when priorities are competing, facts are incomplete, or standards require interpretation
- Confidence managing difficult discussions, challenging stakeholders professionally, and knowing when to resolve issues independently versus escalate
- Strong ownership, follow-through, organization, resilience, and professionalism under pressure, with the ability to define commitments and deliver high-quality results on time
- Fluency in English and willingness to undertake occasional regional or global travel
- Relevant professional certification such as CISA, CRISC, CISSP, CISM, CGEIT, or an equivalent credential; candidates should be able to obtain and maintain a certification aligned to the role
- Experience with a Big Four or other recognized audit, assurance, consulting, or advisory firm strongly favored
- Experience supporting global teams, geographically distributed stakeholders, or cross-border audit and regulatory activities is a plus
Qualifications
- Fluency in English and willingness to undertake occasional regional or global travel
- Relevant professional certification such as CISA, CRISC, CISSP, CISM, CGEIT, or an equivalent credential; candidates should be able to obtain and maintain a certification aligned to the role
- Experience with a Big Four or other recognized audit, assurance, consulting, or advisory firm strongly favored
- Experience supporting global teams, geographically distributed stakeholders, or cross-border audit and regulatory activities is a plus
Skills
- Strong understanding of IT audit practices, IT governance frameworks, technology controls, regulatory expectations, and audit evidence requirements
- Experience coordinating or leading complex internal, external, or regulatory IT audits from planning through execution, reporting, remediation follow-up, and closure
- Familiarity with financial services and insurance regulations within North America, including those from NYDFS, OSFI, and NAIC
- Excellent written and verbal communication skills, with the ability to tailor messages for technical, business, and leadership audiences
- Proven ability to engage confidently with senior stakeholders, executive management, auditors, regulators, and cross-functional teams
- Demonstrated sound professional judgment, including the ability to make risk-based decisions when priorities are competing, facts are incomplete, or standards require interpretation
- Confidence managing difficult discussions, challenging stakeholders professionally, and knowing when to resolve issues independently versus escalate
- Strong ownership, follow-through, organization, resilience, and professionalism under pressure, with the ability to define commitments and deliver high-quality results on time
- Fluency in English and willingness to undertake occasional regional or global travel
- Relevant professional certification such as CISA, CRISC, CISSP, CISM, CGEIT, or an equivalent credential; candidates should be able to obtain and maintain a certification aligned to the role
- Experience with a Big Four or other recognized audit, assurance, consulting, or advisory firm strongly favored
- Experience supporting global teams, geographically distributed stakeholders, or cross-border audit and regulatory activities is a plus
Benefits
Professional Training & Certification: We accompany you in building your professional profile by providing customised professional training and certification opportunities.
Diversity, Equity & Inclusion: We embrace the power of differences and are convinced that diversity fosters innovation and resilience and enables us to act braver and better.
Continuous Learning: We believe that continuous learning is a key differentiator and critical for building new skills and accelerating growth.
Career Mobility: We actively support career mobility, and our strong global and regional presence offers a wealth of career growth opportunities.
Pay
The base salary range anticipated for this position is $182,100 - $267,100 plus opportunity for company bonus based upon a percentage of eligible pay.
Schedule
This role is located in our Toronto office on 390 Bay St, and we operate in a hybrid work model.