Local Information Security Officer (F / m / d)

wefox is Europe’s leading InsurTech, reinventing insurance at scale with a record-breaking Series C funding round of $650 million in 2021, making it the largest funding round of any InsurTech to date.

wefox is revolutionising insurance by empowering customers and delivering personalised experiences driven by data. Our vision is to enable people to be safe by providing 360-degree advice through our network of advisors, optimising individual risk coverage with innovative prevention, assistance, and insurance products.

For our Italian holding, wefox AG - wefox Italy - we are currently seeking a Local Information Security Officer . You will be responsible for driving the Global Information Security strategy at the country level (Italy - Milan) and maintaining operational engagement with key leaders within the Business, IT, and Tech teams.

• wefox Italy owns 100% of Mansutti S.p.A. and Mach-1 S.r.l.
• Mansutti : One of Italy’s major insurance brokers with nearly 100 years of experience, specialising in assisting corporate clients with insurance programs to protect assets and businesses, and creating affinity programs to increase revenue and customer base.
• Mach-1 : Italy’s leading automotive insurance agency, specialised in implementing and managing insurance affinity programs for automotive manufacturers, utilities, and banking partners through innovative mobility platforms.
• The Role
• As the Local Information Security Officer, you will drive the Information Security strategy at the country level and engage with key leaders across Business, IT, and Tech teams.
• You will report to the Local Head of IT and align functionally with the Group Chief Information Security Officer.
• You will build strong relationships with stakeholders, assess business practices, identify security gaps, and lead security initiatives. Effective interaction with IT leadership, Tech Engineering, Internal Audit, Risk Management, Legal, and Privacy teams is expected.
• You should have a good understanding of our core business and how technology can enable it securely.
• You are responsible for both Governance and hands-on execution of security projects.

Main responsibilities

• Lead the information security function across Italy, ensuring high-quality management aligned with Group Security Standards.
• Influence business strategy in line with the Information Security strategy and roadmap.
• Manage operational engagement and support metrics for measuring security maturity.
• Communicate relevant security issues, risks, and events within the organization.
• Promote security awareness among regional stakeholders and partners.
• Coordinate with security architects, engineers, and analysts to meet security needs.
• Integrate security into business-driven technology projects.
• Stay updated on security trends and communicate themes in business terms.
• Implement security plans and controls, understanding proactive defense strategies.
• Lead risk exercises to identify, measure, and mitigate risks.
• Support incident response teams, manage investigations, and oversee remediation plans.

What you bring

• Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent experience.
• At least 10+ years of experience in Information Security.
• Deep knowledge of regulations and standards (GDPR, ISO 27001, NIST CSF, PCI-DSS, OWASP, COBIT, CIS, etc.).
• Understanding of compliance frameworks such as IVASS, ANIA, FMA, BAFIN, EIOPA.
• Ability to translate strategy into actionable security initiatives.