- From an Operational Standpoint
- Ability to provide technical security expertise to ensure that the Security Operations Centre (SOC) is always delivering a professional service to its customers
- Conduct detailed analytical queries and investigations, identify areas that require specific attention, identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation and identify use cases and rules to be developed or improved into the SIEM platform
- Improve Security Information and Event Management (SIEM) content and all other technologies used in the team, continually refining the rules and logic to make the detection capabilities more efficient and effective
- Ensure internal SOC related operational processes and procedures are created and maintained
- Deliver communications and reporting to SOC stakeholders and customers
- Deliver qualified information about actual threats and indications, and recommendations on how the associated risk can be mitigated
- Contribute to the overall performance and success of the Security Operations Centre
- From a Management Standpoint
- Drive effective teamwork, communication, collaboration and commitment to deliver SOC services
- Manage the L1 and L2 analysts team
- Organise and prioritise the workload based on business priorities and customer expectations
- Act as a mentor to L1 and L2 Security Analysts: support and supervise them and ensure knowledge sharing within the team
- Drive performance management, career management and people development (e.g. training)
- Anticipate evolution of the skills required and the recruitment needs
- Provide insights to the team on developing trends and technology
- Act as a leader to drive security monitoring and detection activity
- Assist Security Monitoring Lead and Head of SOC in implementing SOC strategy
- Build on and continuously improve SOC analytics framework
- Ensure effective operation of SIEM content: filters, rules, expressions and other identification mechanisms of the threat and vulnerability management technologies used within the SOC
- Manage, mentor and guide the L1/L2 Security Analysts
- Provide data analysis within the SOC processes and to SOC customers and stakeholders in order to drive further security measures and risk mitigation activities
- Ensure execution and maintenance of SOC related analytical processes and tasks
- Collaborate with other Information Security teams to ensure effective intrusion detection and incident response
- Continually maintain and improve technical capabilities through individual development activities, accreditations and certifications to remain constantly prepared to challenge the ever-evolving cyber threat
- Bachelor's degree in Computer Science, Engineering, Information Technology, or adequate experience if the degree is in an unrelated field
- An MSc in Information Security would be desirable but is not essential
- Information Security and/or Information Technology industry certification (GIAC, CISSP or equivalent) strongly preferred
Overall work experience in the field
- Experience in information security domain > 7 years
- Experience in network and/or firewall engineering, system administration, design and implementation or related field > 5 years
- Experience in security analysis and SIEM content development > 3 years
- Experience in penetration testing > 2 years
- Work experience in a global organization > 3 years
Skills / abilities
- Deep information security expertise
- Excellent knowledge of one of the SIEM products
- Knowledge of network technologies, Windows and Unix administration
- Knowledge of typical security devices such as firewalls, intrusion detection systems, AV and End Point security, Web Application Firewalls, anti-spam systems, event correlation systems, etc.
- Understanding of security threats, attack scenarios; analysis and intrusion detection skills
- Excellent analytical skills and out-of-the-box thinking
- Excellent communication capabilities
- Team player
- Fluent in English
Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life? Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.
To support our business strategy and digital transformation, AXA is building a new Group Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.
Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.
At AXA, we pursue an HR policy that encourages diversity, maintains your professional and private life balance and accelerates skills and career development: promotion of diversity, remuneration policy, training schemes, etc. Discover everything that makes AXA an employer of choice.
Whatever your job is, we strive to offer you career opportunities. Our goal is to develop your skills to support the transformation of our changing business.