Senior Data Risk Manager

About the role:

As Senior Digital & Technology Risk Manager, you will be a key driver of Swiss Re’s digital resilience and innovation. You will play a central role in shaping how Swiss Re identifies, assesses, and governs the broad space of data related operational risks. Your expertise will guide our approach to data risk across AI, cloud, and emerging technologies, ensuring we remain at the forefront of responsible risk management. Positioned in the 2nd Line of Defence, you will provide independent oversight, advise on control effectiveness, and challenge risk-taking decisions related to digital processes and data management.

You will collaborate closely with Data Governance, IT, and Compliance as well as the central and embedded Operational Risk Management teams to deliver holistic risk management across the enterprise, and influence governance practices for data-related risks on a global scale.

Key Responsibilities:

• Challenge and advise 1st Line teams on risk identification, assessment, and control adequacy related to digital processes and data management.
• Lead end-to-end risk reviews and thematic operational risk assessments across digital services, systems, or strategic technology projects.
• Design and enhance Swiss Re’s Risk Control Framework by identifying and embedding key controls across the data lifecycle.
• Monitor implementation of risk controls across business units and functions, gathering feedback to support continuous improvement.
• Prepare & communicate risk dashboards, reports, and presentations for senior management and governance bodies, translating data management/governance risk insights into business-relevant recommendations.
• Assess AI-related risks, ensuring alignment with applicable internal governance and external regulatory frameworks.
• Engage regularly with senior stakeholders, promoting a strong risk culture and influencing data governance behaviour across the organisation.

About the team:

The Digital & Technology Risk Management (DTRM) team within Operational Risk Management (ORM) acts as the 2nd Line of Defence for all digital and technology-related risks at Swiss Re. We provide independent oversight, challenge, and insight across Swiss Re’s global digital landscape. Serving as an independent partner to the business, we help shape the Group’s risk posture across various technology domains, ranging from infrastructure and application security to digital innovation and AI. Our commitment lies in driving high standards of resilience, informed risk-taking, and sound control practices through strong engagement and credible challenge. From reviewing control frameworks to assessing emerging risks, we help shape responsible innovation and build resilience into every layer of our technology environment.

About you:

We are looking for a confident and forward-thinking risk professional with a deep understanding of data governance and its associated risks.

Experience & Capabilities

• Minimum 7 years of experience in operational risk management, digital/technology risk, or operational risk consulting roles, preferably within financial services, reinsurance, or consulting.
• Experience of supporting and challenging Risk & Control Self-Assessments (RCSA) and scenario analysis and with risk appetite articulation.
• Proven experience conducting end-to-end risk assessments, spot checks, and thematic operational risk reviews in a complex, regulated environment.

Technical & Tooling

• Solid understanding of operational risk management principles, including risk framework design and assurance techniques.
• Familiarity with IT governance frameworks, data governance principles, and regulatory expectations (e.g. COBIT, DAMA-DMBOK, ISO 27001).
• Strong understanding of AI/ML data governance risks and regulatory developments (e.g., GDPR, AI Act, data ethics frameworks).

Behavioural & Interpersonal

• Comfortable working independently, including collaboration with managers or stakeholders in different time zones.
• Strong stakeholder engagement and communication skills with the ability to influence and challenge at all levels.
• Demonstrated ability to balance business enablement with effective risk management.

Certifications (Desirable)

• Certified in Risk and Information Systems Control (CRISC)
• Other data or risk-related qualifications are a plus