Information Security Practitioner 

Experience level Experienced Hire
Job details sector Information Technology

Within Group Operations, Group Security: 

  • Defines AXA’s information security standards and instructions and overseeing their implementation across the Group 

  • Drives information security risk management (e.g. identification, evaluation, mitigation and monitoring) 

  • Provides information security expertise to the entities 

  • Defines the Security strategy for AXA and identify security threats 

  • Defines AXA’s operational resilience standards and instructions and overseeing their implementation across the Group 

  • Defines, develops and oversees Group crisis management exercises 

  • Defines AXA’s physical security and safety standards and instructions, and oversees their implementation across the Group 

  • Ensures the alignment of security objectives with the local CEOs and support their achievements. 

  • Supports the entities of the Group to deliver their security activities. 


The key responsibilities of the Information Security Practitioner are: 


• Conduct 3rd party Security Assessments, & 3rd party Audits 

• Conduct Product & Project risk assessments, and suggest action plans. 

• Perform Penetration Testing oversight 

• Deliver ISAF (Information security Assurance framework) / ISO27001 controls 

• Ensure that security process is followed for registration of URL’s on Digital HUB 

• Work with different countries in Asia for identification and closure of breaches 

• Provide support of Local Self-Assessment, Fit-Gap assessment, Maturity assessment and Compliance or audit check  

• Review architecture from Security point of view to ensure appropriate controls are implemented. 


  • Bachelor degree in Computer Science, Engineering, or related field.  

  • An MSc Information Security would be desirable but is not essential 

  • Information Security and/or Information Technology industry certification (ISC2 CISSP, ISACA CISM or equivalent) strongly preferred 

  • ISO 27001 Lead Implementer certification preferred but not required  

  • ISO 27005 Risk Management, ISACA CRISC certification preferred but not required 

  • Experience in information security > 8 years 

  • Experience in information security architecture > 6 years  

  • Experienced in developing information security assurance plans


  • Cross cultural sensitivity 

  • Ability to effectively operate in a decentralized and political corporate environment  

  • Strong organizational skills to to prioritize workload & meet deadlines 

  • Good communication skills 

  • Good analytical skills 

  • Good writing skills  

  • Fluent in English  



Would you like to wake up every day driven and inspired by our mission of acting for human progress by protecting what matters? Here at AXA we strive to be a responsible employer, placing employee engagement at the heart of its business strategy. Achieving this means creating a workplace built on AXA's Values that foster diversity and equal opportunities for all, promotes employee participation, encourages professional development, and supports employee well-being.

We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.

In a fast-evolving world and with a presence in 57 countries, our 160,000 employees anticipate change to offer services and solutions tailored to the current and future needs of our 108 million customers.

AXA is becoming a sustainable tech-led company and at AXA Group Operations we are one of the major catalysts for this transformation. 

We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation, driving its concrete implementation globally at speed, with a high quality of advisory and execution.

We are present across 17 countries with committed, highly qualified teams. We leverage technology, data, sourcing, security and investment allocation in a global way, but also achieve economies of scale and synergies when necessary.

At AXA Group Operations, we want to be recognized in three fields of action:

  • State-of-the-art Data Technology to drive customer experience
  • State-of-the-art Procurement & Sourcing to drive efficiency and better manage risks
  • High-Performing Global Team for stronger partnerships with AXA entities 

We bring together the expertise, cultural diversity and creativity of over 8,000 employees worldwide and we’re committed to equal opportunities in all aspects of employment (gender, LGBT+, disabled persons, or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued.