Group Security: Security Project Manager

Location France, France
Experience level Experienced Hire
Job details sector Information Technology
Apply before Permanent offer

If you are interested in this opportunity, please apply directly through the tool.




Level of priority     

  • Necessary: The responsibility/objective is necessary and must be considered as medium priority
  • Important: The responsibility/objective is important and must be considered as high priority.
  • Crucial: The responsibility/objective is crucial and must be considered as top priority.


Technical competencies


  • E1 Awareness: Understands the skill and its application. Has acquired and can demonstrate basic knowledge associated with the skill. Understands how the skill should be applied but may have no practical experience of its application.


  • E2 Basic application: Understands the skill and applies it to basic tasks under some supervision. Has acquired the basic knowledge associated with the skill, for example has acquired an academic or professional qualification in the skill. Understands how the skills should be applied. Has experience of applying the skill to a variety of basic tasks. Determines when problems should be escalated to a higher level. Contributes ideas in the application of the skill. Demonstrates awareness of recent developments in the skill.


  • E3 Skillful application: Understands the skill and applies it to complex tasks with no supervision. Has acquired a deep understanding of the knowledge associated with the skill. Understands how the skill should be applied. Has experience of applying the skill to a variety of complex tasks. Demonstrates significant personal responsibility or autonomy, with little need for escalation. Contributes ideas in the application of the skill. Demonstrates awareness of recent developments in the skill. Contributes ideas for technical development and new areas for application of the skill.


  • E4  Expert: An authority who leads the development of the skill. Is an acknowledged expert by peers in the skill. Has experience of applying the skill in circumstances without precedence. Proposes, conducts, and/or leads innovative work to enhance the skill.


Behavioural competencies


  • Novice: Demonstrates the ability primarily under supervision and displays competence in some situations
  • Intermediate: Demonstrates the ability with some guidance and is able to leverage competency in multiple situations
  • Mastery: Demonstrates the ability independently and is able to leverage the competency in all types of situations with consistency



Required technical skills



Project Management: E3

  • Co-ordinate the diverse components of the project (planning, execution and change control to achieve required balance of time, and cost)
  • Ensure that the scopes of the projects are well defined and control scope changes
  • Ensure timely completion of the project
  • Ensure that the project is completed within allotted budget
  • Use leadership to achieve successful teamwork
  • Distribute project information with appropriate reporting
  • Identify, analyze, and properly respond to project risks (opportunities and threats)
  • Link people (including team members and stakeholders), ideas, and information throughout the project life cycle; includes timely generation and collection of information along with its proper dissemination and archival.
  • Acquire the products, services, or results from an external source; includes contract management and control processes necessary to administer contracts, properly managing the buyer/vendor relationships, and managing the project’s obligations to the vendor.
  • Manage a project according to a standard process by understanding and using a systems development lifecycle 



Architecture Management: E2

  • Manage the implementation of systems so that their design and components fit into the existing (or future) practice standard infrastructure



Change Management: E3

  • Establish the process, tools and techniques to manage the people-side of change to achieve a required business outcome



Stakeholder management: E2

  • Identify, understand the relevant stakeholders
  • Manage the expectations and agreed the objectives with the program or project stakeholders
  • Report with the relevant frequency the right information to the stakeholders       



Customer needs analysis: E3

  • Can effectively identify and analyze the customer needs for the project or program
  • Formulate the needs and ask questions to the customer even if they were not formally expressed
  • Understand and set the process to analysis need



Third party management: E2

  • Manage the interactions with all external parties to deliver what is expected



Quality management: E2

  • Ensure the project or program is delivered with the expected quality levels   



Required soft skills & Behavioral competencies


**Level: Novice, Intermediate, Mastery



Leadership (Intermediate)

  • Creates an environment for developing and fostering leadership excellence
  • Effectively communicates the group vision and goals and the benefits in achieving the same
  • Recognizes potential leaders and provides them with challenging assignments/stretch goals
  • Takes calculated risks in decision-making and seeks inputs from the team / stakeholders for the same.
  • Creates mechanisms to recognize individual/group contribution and achievements
  • Can effectively mentor others to acquire this competency



Strategic Thinking (Intermediate)

  • Articulates a vision, develops organizational goals and strategies
  • Maintains a wider perspective, aligns actions and contributes to the enhancement of the overall organizational strategy, including outputs from benchmarking activities and reviews
  • Understands and articulates the projected direction of the organization and how changes to it might impact the group
  • Is aware of trends in the external environment and key differentiators vis-a-vis competition and uses this information to anticipate how these changes would impact the organization



Problem solving (Mastery)

  • Recommends solutions relevant to the complexity, scope, risk and magnitude of the problem



Planning (Mastery)

  • Plans up to 2-5 years ahead (particularly when preparing budgets and resource requirements) in accordance with the project/program portfolio to ensure its successful delivery
  • Provides input into planning and prioritization of project activities
  • Required to analyze and critically evaluate information as well as formulate plans based on multiple sources of information
  • Forward planning required e.g. target setting and forecasting trends
  • Ability to manage action plans, review progress and make adjustments where required



Decision making (Mastery)

  • Advises on decisions regarding strategy, policy, and structures
  • Quick to assimilate and integrate new information for informed decision making
  • Monitor changes in the operating environment, quick to act upon potential opportunities.
  • Able to quickly evaluate a situation or issue and take the initiative within limits of authority.



Coaching and Mentoring (Intermediate)

  • Coaching: The process of assisting individuals to set goals then supports the execution of the goals through establishing strategy and providing feedback, insight and guidance to enable the individual to reach their fullest potential.
  • Mentoring: The process in which an experienced colleague is assigned to an inexperienced individual and assists in a training and development or general support role



Interpersonal skills (Intermediate)

  • Assertiveness, empathy, active listening
  • Oral communication, persuasive skills








  • Post-graduate degree in Business Administration, Project Management, IT or a closely-related subject




  • Project management certification (e.g. PMP, PRINCE2)
  • Project risk management standards and good practice (e.g. Management of Risk - M_o_R)
  • Agile methodology (e.g. SCRUM or equivalent) is an advantage
  • Process improvement certification (e.g. Lean, Six Sigma) is an advantage



Overall work experience in the field

  • Experience in Project Management > 5 years
  • Experience in process improvement and organizational transformation > 2 years
  • Experience in Information Security field > 2 years
  • Information Technology experience, IT project management or technical project management > 2 years
  • Experience in managing complex Information Security  projects >2 years



Skills / abilities

  • Ability to function effectively in a matrix structure
  • Operate comfortably at management level
  • Strong facilitation, negotiation and conflict resolution skills
  • Strong networking skills
  • Team player
  • Apply analytical rigor to understand complex business scenarios
  • Professional and positive approach
  • Diligent with attention to detail
  • A can do attitude and willingness to go the extra mile when required
  • Customer centricity
  • Ability to learn
  • Result-oriented mindset
  • Fluent in English



Job purpose


  • Manage security projects  in alignment with sponsors and stakeholders expectations in order to maximize the value generated
  • Manage the governance, prioritization, planning, risks and scheduling to enable successful delivery of the project
  • Report the status of the  project and plan the work intake
  • Manage the communication plan of the project
  • Apply the Information Security Practice project management framework and assure project management quality






  • Job title: Security Project Manager
  • Business unit: AXA Group Information Security


Reporting structure         

  • Reports to: Head of  Portfolio & Program Management
  • Functional reports to: N/A
  • Direct reports: 0
  • Indirect reports: to be defined




  • Managed budget: Less than 1 M€
  • Impact: This position will have a key impact on the generated value by the projects expected by sponsors and stakeholders.
  • Complexity: This position will deal with the transversal management within a global and decentralized organization and contribute to the project maturity improvement.


Work related relationships        

  • Internal actors: Expected to interact with his/her sponsors, stakeholders, Subject Matter Experts, Finance, Project Management Office, Local Information Security teams, Group CSO N-1 and N-2, Regional CISOs, CPO (Country Project Officer) community
  • External actors: Expected to interact with vendors



Key responsibilities – accountabilities


**Level: necessary, important, crucial


  • Lead the project under scope of Group Security practice (Crucial)


  • Review and negotiate projects plans and schedules, maintaining full accountability for the delivery of the project in his/her scope (Crucial)


  • Establish metrics and KPIs to monitor and control the performance of the  project in his/her scope (Crucial)


  • Review and manage the progress of projects to ensure execution is in accordance with defined plans (Crucial)


  • Prepare and follow project budgets, and prepare and gain sign off for program budgets (Crucial)


  • Monitor and manage the  project’s budget and expenditure to ensure project is delivered to agreed budgetary commitments (Crucial)


  • Identify and track risks, issues and alerts on projects and ensure appropriate action plans are established and actively monitored (Crucial)


  • Act as liaison between Group Information Security and various technical and business communities within AXA to communicate the project status, ensure alignment with their own change activities and promote continuous collaboration (Crucial)


  • Communicate relevant and timely information to stakeholders to ensure visibility of progress, budget/expenditure, risks, issues and associated with delivery (Crucial)


  • Manage procurement and contract matters in conjunction with Group IS Finance (Important)



Company Statement


With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders.  AXA is setting-up a Group Information Security practice in order to reinforce its short-term risk reduction strategy, aligned with AXA strategy & culture and based on the industry standards.


Business Unit Statement


To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business.  Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.