Information Security Risk Officer (F/M)

Location 92-HAUTS-DE-SEINE, France
Experience level Experienced Hire
Job details sector Information Technology
Apply before Date not available
Job purpose
  • Work closely with the business to perform information security risk assessments of new project initiatives, the production environment, merger and acquisition activity and third parties
  • Identify and assess information security risks and recommend appropriate controls and measures to enable effective management of risk
  • Provide advice and guidance to AXA’s information security and risk community, and support local business engagement where required
  • Contribute to the continuous improvement activity of the information security risk management methodology and processes
  • Support the establishment of the organization’s information 'risk appetite'

Key responsibilities
  • Conduct risk assessment on projects, the production environment, merger and acquisition activity and third parties
  • Identify and analyze information security risks and recommend appropriate controls and measures in clear, business-intelligible language
  • Conduct third party assessments to ensure Group IS policies/standards are met and information security risks are identified and managed
  • Contribute to and maintain the Group Information Security Risk Register, ensuring actions are completed
  • Review risk acceptance forms and provide robust challenge to ensure appropriate management of risk
  • Identify, plan and direct specific group-wide initiatives designed to mitigate information security risks
  • Provide information security risk assessment and subject matter expertise
  • Contribute to, implement, operate and maintain a risk assessment and management framework


Qualifications

Education
  • Bachelor degree in Computer Science, Engineering, or related field
  • An MSc Information Security would be desirable but is not essential

Certification
  • Information Security and /or Information Technology industry certification (CISSP, CISM,CRISC, GIAC, ISO27001 Lead Auditor or equivalent) strongly preferred
  • Member of IISP or have the qualification, skills and experience to become a member

Overall work experience in the field
  • Experience in Information Security field > 5 years
  • Experience in technical Information Security solution design and conducting technical risk assessments > 5 years
  • Experience in articulating IS risks in business language and advising on the appropriate risk management strategy for a technical solution > 5 years
  • Experience in project management and related methodologies > 5 years
  • Experience in multinational companies is an advantage

Skills / abilities
  • Ability to function effectively in a matrix structure
  • Operate comfortably at management level
  • Good facilitation, negotiation and conflict resolution skills
  • Proficient risk assessment, interpretation and analytical skills
  • Good networking skills
  • Team player
  • Fluent in English


Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life? Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.

In a fast-evolving world and with a presence in 64 countries, our 165,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 107 million customers.


To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.
Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.



At AXA, we lead a an HR policy that encourages diversity, maintains your  professional and private life balance and accelerates the skills and career development : promotion of diversity, remuneration policy, training device, ... Discover everything that makes AXA an employer of choice.
Whatever your job is, we strive to offer you career opportunities. Our goal is to develop your skills to support the transformation of our changing business.