CyberSecurity Cloud Operations Engineer
Responsible to manage the overall implementation of security cloud architecture across AXA Investment Managers Infrastructure Services.
The CyberSecurity Cloud Operations Engineer specialize in securing cloud-based solutions such as SaaS and PaaS. He implements security controls and threat protection, manage identity and access, and protect data, applications, and networks in cloud and hybrid environments as part of an end-to-end infrastructure.
It includes creating and employing disaster recovery solutions and assisting with continuous improvement activities.
• Developing and implementing cloud security controls, cloud-based processes and tools, and cloud security task automation.
• Provide Operational support for Security Operations related activities that can include, but not limited to:
o Create queries for specific audit reports based on auditable events criteria.
o Using / configuring / managing Azure Security Center.
o Participates in the incident response and investigation process.
• Analysis of IT security risks, identification of associated impacts and proposal of appropriate action plans.
• Realization of technical POCs and rollout of container security solutions (example: Twistlock, Aquasec, WIZ, Kubernetes…).
• Researching industry trends and new technology; implementing new procedures as needed to improve cloud security infrastructure.
• Responsible for the thorough documentations of implementations, via technical documentation and run books.
• Partner with security teams to enhance cloud security solutions and establish preventative controls to support security needs via automation. Including:
o Configuration rules for real-time alerting in SIEM tool for events.
o Fix security vulnerabilities detected by regular penetration tests performed in Azure.
o Ensure that All the network endpoints on the AXA IM tenant are protected with firewalls, web application firewalls (WAF), Intrusion Detection / Intrusion Protection systems (IDS/IPS) and deny of service attacks protection systems (DDOS).
o Member of the Go-to-cloud committee to confirm eligibility of all application candidate to be hosted in Azure Cloud.
o Define, set up and maintain permissions and access rights based on RBAC and the principle of least privilege.
As part of cybersecurity operation team:
• Follow company guidelines / regulations to ensure company data is held in a secure manner, including electronic access or in written format.
• Escalate any security issues or potential security breaches as appropriate to ensure any potential issues can be secured.
• Aligned with Information System Security policy and guidelines, develop and deploy processes that will ensure level 1 controls are in place, actioned and tracked.
• Deliver security projects to protect the cloud infrastructure, in-line with AXA Group policy.
• Support IT audits as required and drive the recovery of any audit deficiencies to pre-agreed deadlines.
• Adopt a culture of innovation, to deploy new services in a “value-add” and cost-effective way towards the business.
• Master degree in Computer Science or significant experience in similar technical IT management roles.
• At least three years of experience securing and supporting public cloud environments such as AWS and Azure.
• Microsoft Azure Security related certifications are recommended.
Experience / Skills
• Related Information Security experience; project management knowledge.
• Mastery of security standards and procedures and related tools and technologies: firewall, antivirus, cryptography, authentication servers, intrusion tests, PKI, URL filtering ...
• Strong experience with web technologies is a must (HTTPS, REST, CDN, Load Balancing, etc)
• Experience securing CloudFormation/Terraform IaC
• Proficiency in measuring and securing IaaS, PaaS, and SaaS environments in AWS and Azure
• Knowledge of vulnerability defense (ex: OSSTMM, OWASP ...)
• Knowledge of Infrastructure as Code tools (Terraform, Pulumi, Crossplane) a plus.
• Ability to work well in teams and manage multiple priorities.
• Punctual and capable of managing assigned deadlines.
• Client focus is a key asset. To be the business advocate for locally delivered services in a service-oriented manner.
• Technical leadership with very good knowledge of Cybersecurity technologies, strategies & trends and security patterns for Cloud-based platforms (Iaas/Paas, Infra-as-code, Azure DevOps and CI/CD, etc).
• Ability to manage outsourced services.
• Fluent in English mandatory. Working knowledge of French preferred.
• Proactive and innovative.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.
We are an active, long-term, global, multi-asset investor focused on enabling more people to harness the power of investing to meet their financial goals. By combining investment insight and innovation with robust risk management we have become one of the largest asset managers in Europe, managing €746bn in assets as of the end of 2017. We employ about 2,400 people around the world and operate out of 21 countries.
We are proud to foster a high-performance culture, which means that we seek to recruit and retain people who are not only technically-skilled but also globally-minded, innovative and able to leverage their unique perspectives and life experiences to support our success as a company.
AXA IM is committed to building an inclusive culture, valuing diversity and supporting the career progression of all employees.