Security Subject Matter Expert (SME)
We are looking for a Security Subject Matter Expert to join the Security team based in our UK, Shannon, Barcelona or Madrid office!
AXA Partners is currently working on a “Focus & Transform Strategy” which is shaping the Global Operations’ strategic ambition: “bring simplicity and drive transversal processes, breaking down silos, to succeed in providing a superior customer experience in line with our Customer2020 ambition”.
Global Operations has 3 strategic priorities:
- Reposition AXA Partners as the Preferred Business Partner
- Boost AXA Partners to become an Agile Global Organization
- Mature AXA Partners as a Safe, Secure and Resilient company
The objective of the security organisation is to become a business partner, delivering value to the business while also managing our risk posture. We’ll achieve this objective by taking a risk-based strategy and security improvement program with common objectives and controls.
What will you be doing?
As our Security SME, you’ll be supporting the Security Team in the roll out of the Security Assurance program and activities while also performing oversight and monitor compliance with controls, tools and techniques. You’ll be seeking out and identifying current security gaps locally as well as globally to standardise the processes and drive proper prioritisation and adequate improvement plans. You’ll also be working with global AXA Partner offices to move from a pure compliance check approach to a risk-based approach.
Other responsibilities include:
- Act as a security advocate to promote security policies and culture / mindset
- Act as a security advisor to the business on security matters
- Ensure Security Compliance and effective security processes and controls deployment across AXA Partners entities and assets such as applications, infrastructure and projects
- Provide assurance on the effectiveness of security controls across AXA Partners entities (assessments), support findings resolution / escalation and reporting.
- Contribute to the maintenance of the Security Assurance Framework and sustain the future growth of BAU to maintain security compliancy
- Deliver and consolidate evidence related to the AXA Security and AXA Partners Controls
- Conduct security and compliance risk assessments using AXA Partners tools to capture, record and report on operational security risks
- Collaborate with Information Security team and engage with IT/DEV and all stakeholders’ teams to walkthrough the security vulnerabilities/issues and seek mitigation action plans with timelines for each of security items in line AXA requirements in compliance with security policies.
- Monitor security vulnerabilities and risk and report the on the progress of the action plans.
- Participate and support local Security Programs and Projects
- Participate as required in global security programs and projects to deliver assigned objectives
- Ensure and enforce Information Security relevant controls and process across the AXA Partners entities
- Contribute to rapid incident response by recommending and prioritizing appropriate responses and by contributing to the lessons learned and post-incident activities
- Contribute to Information Security Audits and drive remediation of identified risks in line with management action plans
- Deliver training and instruction on security where required
You have experience in applying monitoring and compliance controls across Information Security as well as a bachelor’s degree in Computer Science, Engineering or a related field. MSc Information Security would be desirable but not essential.
You’ve got amazing networking skills, being able to manage multiple stakeholders at a time in a dynamic Global Organisation.
You’re a team player who’s able to organise and prioritise while applying analytical rigor to understand complex business scenarios. Being able to work under pressure is a strong point of yours and you’re very results orientated, focusing well on delivery.
In addition to the above, we would also like you to have:
- number of years' of experience applying monitoring and compliance controls across Information Security (Operational Resilience & Physical Security Health and Safety experience would be beneficial but not essential)
- Experience with Information Security risk, controls, standards, frameworks and regulations (eg. ISO 27x, NIST, GDPR…) applicable to the security field
- Experience with PCI-DSS
- Extensive knowledge of auditing or security tools and solutions
- Bachelor’s degree in computer science, Engineering, or related field.
- A MSc Information Security would be desirable but is not essential
- Good knowledge of cloud security
- Experience with project management, coordination and program team
- Experience of working with specific Security Controls
- Experience in applying methodologies and principles for all levels of Security (technical and non-technical) > 5 years
- Experience with technologies, tools and process controls to minimize security risk and data exposure > 5 years
- Industry certification (ISO 27001 (Implementer/Auditor), CISSP, CCSP, CCSK, CISA, CISM, GIAC, CRISC or equivalent
AXA Group is the world leader in insurance and asset management. We protect and advise our clients at every step in their lives, by offering products and services which satisfy their needs in the areas of insurance, personal protection, saving and asset management. AXA is the leading insurance brand worldwide, with over 100 million clients. We are transforming from payer to partner for our client, with a strong focus on risk prevention.
Our mission: Empower people to live a better life.
Our values: Customer First, Courage, Integrity and One AXA.
AXA Partners is an AXA transversal business unit offering a wide range of solutions in assistance services, travel insurance and credit protection.
AXA Partners’ role is also to implement innovative solutions emerging from the AXA Innovation unit.
Our mission is to help our Corporate clients to enrich their customers’ experience, with more than 9,000 employees at their service anywhere, anytime.
By joining AXA Partners, you will work in a responsible company, which offers a real culture of expertise & diversity. Our focus is on accelerating the development of everyone’s skills, whilst offering attractive and competitive compensation and opportunities for professional development and growth.
Additionally, at AXA, we work to make a real difference to people - when amazing things happen and when we create opportunities for a better life, the feeling of pride is extraordinary.