About The Job
Main missions
Your Responsibilities Include
Serving as the primary contact for the operational activities related to Cyber Defense within the Entities/OpCo's.
Deliver day-to-day security operations management and reporting as the 1st line of defense (execution). That includes managing related cybersecurity request, incident, change request and resolution management for services in scope.
Oversee and drive the processes in various domain: infrastructure security operations, security incident and crisis management, audit remediations, and vulnerability management.
Ensure comprehensive coverage and reporting of all security tool implementations across all in-scope assets.
Monitor, report on, and drive compliance with operational SLAs, KPIs, and KRIs for subscribed services, coordinating with relevant stakeholders.
Act as the extension of the Cyber Defense Global team, delivering tools and services to entities/opco's.
Serve as the primary security operations contact within Group Operations, collaborating across organizational boundaries (e.g., OpCo's, Solution Delivery, regional and local CISOs, vendors, etc.).
Function as the Security Operations Subject Matter Expert (SME) to detect, respond to, and defend AXA against malicious actors and threats.
Oversee security monitoring and the incident lifecycle, including executive and client communications, direct resource management and coordination, and end-to-end process oversight from detection to post-mortem and root-cause analysis (RCA).
Ensure and enforce information security relevant controls and process across the AXA entities.
Participate as required in global security programs and projects to deliver assigned objectives.
Contribute to audit relevant investigations and their management action plans to remediate the discovered risks.
Act as a security advocate to promote security policies and culture / mindset
Act as a security advisor to the relevant stakeholders on security matters
Participate and support local Security Programs and Projects
Contribute to rapid incident response by recommending and prioritizing appropriate responses and by contributing to the lessons learned and post-incident activities
Expected Skills & Experience
We are looking for someone with the following experience and skills:
Experience
Diploma or Bachelor's degree in Computer Science, IT, Engineering, or related fields
Experience in IT > 15 years
Experience in IT Security > 10 years
Proven experience in running Security Operations and project works in the following categories below.
In-depth knowledges of infrastructure and application vulnerabilities, architectures and challenges.
Information Security and/or Information Technology industry certification like CISSP, CCSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, and etc, is a plus
Experience on Cloud Security is a plus
Technical Skills
Cross-cultural sensitivity and flexibility. Appreciate diversity and inclusiveness.
Experience with security operations, risk and service delivery frameworks.
Familiar with local and regional regulatory requirements for entities
Knowledge of information security best practices, architecture, standards and threat landscape
Customer-centric and strong service delivery skills with escalation management capabilities
Strong interpersonal and communication skills; able to deal effectively with diverse skill sets and personalities, works effectively as a team player
Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
Able to translate technical requirements and communicate at all levels
Apply analytical rigor to understand complex business scenarios
Ability to function effectively in a matrix structure.
Ability to function with minimal supervision
Subject Matter Expert for the following in-scope security services below.
Infrastructure Security (Mandatory)
Network Security - at least intermediate knowledges for minimum 3 solutions
Firewall review and assessment
Intrusion Prevention System (IPS)
DDoS protection
Secure Web Access (Proxy)
Secure email gateway
Web Application Firewall (WAF)
End-Point Security - at least intermediate knowledges for minimum 2 solutions
Malware Protection (Anti-Virus, Anti-Malware)
End-Point Detection & Response (EDR)
Data Leakage Prevention (DLP)
Data Security - basic knowledges
Encryption
Security Incident Management (Mandatory)
SIEM - basic knowledges
Security Incident Handling/Response - intermediate knowledges
Application Security & Vulnerability Management
Architecture review
SDLC
SAST & DAST
Cloud Security
PaaS and IaaS Security
Data Security
Cloud compliance
DevSecOps
What We Offer
We bring together the expertise, cultural diversity and creativity of over 8,000 employees worldwide and we're committed to equal opportunities in all aspects of employment (gender, LGBT+, disabled persons, or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued.
About The Entity
AXA is becoming a sustainable tech-led company and at AXA Group Operations we are one of the major catalysts for this transformation.
We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation, driving its concrete implementation globally at speed, with a high quality of advisory and execution.
We are present across 17 countries with committed, highly qualified teams. We leverage technology, data, sourcing, security and investment allocation in a global way, but also achieve economies of scale and synergies when necessary.
At AXA Group Operations, we want to be recognized in three fields of action:
State-of-the-art Data Technology to drive customer experience
State-of-the-art Procurement & Sourcing to drive efficiency and better manage risks
High-Performing Global Team for stronger partnerships with AXA entities
About AXA
As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working for 105 million customers, we've created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we're nurturing a culture of respect, for each other, for our customers and the communities around us. Join AXA and you'll feel like you belong, are included and can thrive. You'll be able to shape the way you work and truly grow your potential as you seek out new opportunities, push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.