- Create, communicate and implement Information Security Assurance Strategy aligned to the business objectives and Information Security
- Provide executive level subject matter expertise related to information risk frameworks and act as a mentor to team members and executives throughout the organization
- Promote a service culture both internally and externally related to Information Security Assurance
- Lead the development, provisioning and successful implementation of the information risk assessment methodology across the Group.
- Lead the assurance activities to ensure security is maintained throughout the project lifecycle and in business-as-usual operations.
- Lead the Digital Presence and protect the brand by effectively governing AXA Group’s large growing digital assets portfolio (all domain names, websites, mobile applications and social media pages used by AXA across the world)
- Lead the Security Awareness and Behavior Change teams to improve behaviors through awareness and practices to turn all AXA employees into a line of defense (develop “Human firewalls”) and to develop the AXA Information Security Care / Protect / Alert mindset globally across AXA entities
- Design and implement a global information risk assessment process and management framework
- Develop the 3-5-year strategy and roadmap for IT risk management including risk assessments, internal controls, control monitoring, risk reporting, key risk indicators and risk scorecards
- Act as a global champion of information risk assessment related policies
- Define penetration testing strategy and approach; build & execute penetration test plan
- Raise appropriate awareness through Group Information Security shared service function
- Define Assurance testing strategy and approach; build & execute assurance testing plan
- Prepare creation / maintenance plan for the Information Risk Assessment Methodology (IRAM2) for the Group based on relevant new developments with regulation and user feedback, in close co-operation with stakeholders from group and lines of business (LoBs).
- Benchmark existing security investment against industry peers and secure required funding from executive committee
- Act as liaison between Group Information Security and various Governance, Risk & Control offices within the company to promote continuous improvement and evolution of the strategy and resulting services.
- Act as a global champion of information security assurance related policies
- Lead and mentor Information Security Assurance team members
- Serve as the primary sponsor for projects related to the development of the Information Security Assurance function
- Keep up to date about security threats and on new developments in the security area
‒ University graduate with a degree in Business, IT or a related subject.
‒ A post-graduate degree in Information Security is preferred
‒ Information Security and/or Information Technology industry certification (CISSP-ISSAP, CRISC, GIAC or equivalent)
‒ Member of Institute of Information Security Professionals (M.IISP)
Overall work experience in the field
‒ Experience in information security > 10 years
‒ Leadership / management experience working with individuals and teams from diverse cultures > 5 years
‒ Experience of working in large and matrix organizations > 5 years
‒ Experience in leading shared services or risk functions > 5 years
‒ Experience in an audit or information risk leadership role within the financial services sector > 10 years
‒ Experience of working in a multi-vendor and outsourced IT environment
Skills / abilities
‒ Ability to function effectively in a matrix structure
‒ Strong networking skills
‒ Team Player – Excellent collaboration skills
‒ Ability to apply analytical rigor to understand complex business scenarios
‒ Fluent in English
‒ Change Agent
Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life? Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.
To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.
Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.
At AXA, we lead an HR policy that encourages diversity, maintains your professional and private life balance and accelerates skills and career development: promotion of diversity, remuneration policy, training programs, ... Discover everything that makes AXA an employer of choice.
Whatever your job is, we strive to offer you career opportunities. Our goal is to develop your skills to support the transformation of our changing business.