Head of Security Operations Centre

Location FRANCE, France
Experience level Experienced Hire
Job details sector Information Technology
Apply before Permanent offer

Please apply directly on the website.

 

If you have problems submitting your application, please send your resume to: antonio.gonzalez@axa.com, including the position you are applying to in the e-mails subject.


Required technical competencies

 

  • Information Security Management
  • Information Risk Management
  • Implementing Secure Systems
  • Information Assurance Methodologies
  • and Testing
  • Operational Security Management
  • Incident Management
  • Audit, Assurance & Review
  • Business Continuity Management

 

Required soft skills & behavioral competencies

 

  • Leadership
  • Strategic Thinking
  • Problem solving
  • Planning
  • Decision making
  • Coaching and Mentoring
  • Interpersonal skills
     

Education

  • Bachelor  degree in Computer Science, Engineering, or related field.
  • An MSc Information Security would be desirable but is not essential

 

Certification

  • Information Security and/or Information Technology industry certification (CISSP, CISA, CISM, GIAC or equivalent) strongly preferred
  • Member of IISP or have the qualification, skills and experience to become a member

 

Overall work experience in the field

  • Overall hands on experience of Information Security > 10 years
  • Experience managing in a security operations center >5 years
  • Proven experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
  • Experience on security incident management
  • Proven experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Firewall logs, systems logs, web logs, application logs and Security Information and Event Management (SIEM) systems.
  • Experience with technologies, tools and process controls to minimize risk and data exposure

 

Skills / abilities

  • Ability to function effectively in a matrix structure
  • Operate comfortably at management level
  • Strong facilitation, negotiation and conflict resolution skills
  • Strong analytical skills
  • Team player
  • Apply analytical rigor to understand complex business scenarios
  • Fluent in English

Job purpose

This is a global role of managing the Security Operations Center, detecting, responding to and managing security incidents on a global basis.

 

 

Key responsibilities – accountabilities

  

  • Manage all day to day activities within the Security Operations Center
  • Provide leadership, guidance and technical expertise to incident response to ensure the proper response and communications are taking place for identified incidents
  • Regularly review and update security detection, protection, response, and recovery procedures as appropriate to validate effectiveness in properly addressing threats to the organization
  • Provide significant input into the evolution of the Incident Management Architecture
  • Lead all SOC activities; manage the 1st and 2nd level security analyst teams. Manage the incident handling teams and work with other security-related stakeholders
  • Integrating new security services within the monitoring and detection capability of the SOC
  • Continuous service improvement that ensures continuous detection and monitoring improvements
  • Set-out key security performance indicators that ensures proper service delivery and service improvements
  • Embed SOC and Group requirements within a wide variety of projects
  • Responsible for collaborating with all direct staff to ensure Performance Objectives, career path options, and work assignments are all clearly documented, understood and reviewed
  • Develop metrics needed to communicate risk levels to the organization and articulate the value derived from the Cyber Services provided to the company.

 


Company Statement

 

With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders. AXA is setting-up a Group Information Security practice in order to reinforce its short-term risk reduction strategy, aligned with AXA strategy & culture and based on the industry standards.

 

Business Unit Statement

 

To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.