Group Security: Incident Manager

Location FRANCE, France
Experience level Experienced Hire
Job details sector Information Technology
Apply before Permanent offer

If you are interested in this opportunity, please apply directly through the tool.

 

If you have problems submitting your application, please send your resume to: antonio.gonzalez@axa.com, including the position you are applying to in the e-mails subject.


Required technical competencies

 

 

Competencies

Description

Information Security Management

  • A1 – Governance
  • A2 – Policy & Standards
  • A3 – Information Security Strategy
  • A4 – Innovation & Business Improvement
  • A5 – Information Security Awareness and Training
  • A6 – Legal & Regulatory Environment
  • A7 – Third Prty Management

Information Risk Management

  • B1 – Risk Assessment
  • B2 – Risk Management

Implementing Secure Systems

  • C1– Security Architecture
  • C2 – Secure Development

Information Assurance Methodologies

and Testing

  • D1 – Information Assurance Methodologies
  • D2 – Security Testing

Operational Security Management

  • E1 – Secure Operations Management
  • E2 – Secure Operations & Service Delivery
  • E3 – Vulnerability Assessment

Incident Management

  • F1 - Incient Management
  • F2 - Investigation
  • F3 - Forensics

Audit, Assurance & Review

  • G1 – Audit & Review

Business Continuity Management

  • H1 - Business Continuity Planning
  • H2 - Business Continuity Management

Business skills and competences

  • J1 – Teamwork and Leadership
  • J2 – Delivering
  • J3 – Managing Customer Relationships
  • J4 &nash; Corporate Behavior
  • J5 – Change and Innovation
  • J6 – Analysis and Decision Making
  • J7 – Communication and Knowledge Sharing

 

 

Required soft skills & behavioral competencies

 

 

Competencies

Description

Leadership

  • Creates an environment for developing and fostering leadership excellence
  • Effectively communicates the group vision and goals and the benefits in achieving the strategy
  • Recognizes potential leaders and provides them with challenging assignments/stretch goals
  • Takes calculated risks in decision-making and seeks inputs from the team / stakeholders for the same.
  • Creates mechanisms to recognize individual/group contribution & achievements
  • Can effectively mentor others to acquir this competency

Strategic Thinking

  • Articulates a vision, develops organizational goals and strategies
  • Maintains a wider perspective, aligns actions and contributes to the enhancement overall organizational strategy including outputs from benchmarking activities and reviews
  • Understnds and articulates the projected direction of the organization and how changes to it might impact the group
  • Is aware of the trends in the external environment and key differentiators vis-a-vis competition and uses this information to anticipate how these changes would impact the organization

Problem solving

  • Recommends solutions relevant to the complexity, scope, risk and magnitude of problem

Planning

  • Plans up to 2-5 years ahead (particularly when preparing budgets and resource requirements), in accordance with the project/program portfolio to ensure its successful delivery Provides input into planning and prioritizationof project activities
  • Required to analyze and critically evaluate information as well as formulate plans based on multiple sources of information
  • Forward planning required e.g. target setting and forecasting trends
  • Ability to manage action plans, review progress and make adjustments where required

Decision making

  • Advises on decisions regarding strategy, policy, and structures
  • Quick to assimilate and integrate new information for informed decision making
  • Monitor changes in the operating environment, quick to act upon potential opportunities.
  • Able to quickly evaluate a situation or issue and take the initiative within limits of authority.

Coaching and Mentoring

  • Coaching: The process of assisting individuals to set goals then supports the execution of the goals through establishing strategy and providing feedback, insight and guidance to enable the individual to reach their fullest potential.
  • Mentoring: The process in which an experienced colleague is assigned to an inexperienced individual nd assists in a training and development or general support role

Interpersonal skills

  • Assertiveness, empathy, active listening
  • Oral communication, persuasive skills

 

Qualifcations

Education

  • Bachelor degree in Computer Science, Engineering, or related field.
  • An MSc Information Security would be desirable but is not essential

Certification

  • Information Security and/or Information Technology industry certification (CISSP, CISA, CISM, GIAC or equivalent) strongly preferred
  • Member of IISP or have the qualification, skills and experience o become a member
  • ITIL v3 certified to at least Foundation level

Overall work experience in the field

  • Working knowledge of ITIL Service Management concepts and processes, including: incident management, change management, problem management, service request management, configuration management > 2 years
  • Proven experience on security incident management > 3 years
  • Overall hands on experience of Informatin Security > 5 years
  • Experience in a multi-national, shared services environment, including clear customer service and resolution of escalated issues > 3 years
  • Experience in delivery processes, including lifecycle controls (e.g. Design, Pilot, Acceptance) and Project Management > 3 years
  • Experience in the service management of a security operations center > 3 years
  • Experience with security services such as Intrusion Detection System (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Firewall logs, systems logs, web logs, application logs and Security Information and Event Management (SIEM) systems.

Skills / abilities

  • Cross cultural sensitivity, flexibility
  • Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
  • Strong interpersonal and communication skills; able to deal effectivey with diverse skill sets and personalities, works effectively as a team player
  • Ability to function effectively in a matrix structure
  • Operate comfortably at management level
  • Strong facilitation, negotiation and conflict resolution skills
  • Strong analytical skills
  • Fluent in English
  • Willingness to travel

Company Statement

 

With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders. AXA is setting-up a Group Information Security practice in order to reinforce its short-term risk reduction strategy, aligned with AXA strategy & culture and based on the industry standards.

 

Business Unit Statement

 

To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Information Security is to &squo;protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees’.

 

 

Job purpose

  • Manage security incidents to ensure timely mitigation and escalate to approriate incident resolver groups and leadership as required
  • Ensure correct execution of Security Incident Management Processes
  • Drive the efficiency and effectiveness of the Security Incident Management Process
  • Identify any incident/request that requires increased focus and actions necessary to meet committed service levels
  • Incident review and reporting on ticket resolution
  • Produce management information, including reports and KPIs

 

Key responsibilities – accountabilities

 

Manage security incidents to ensure timely mitigation and escalate to appropriate incident resolver groups and leadership as required

Ensure correct execution of Security Incident Management Processes in coordination with the service manager :

  • Develop, co-ordinate and promote the effective functioning of incident management and escalation processes across live systems and services
  • Escalate to problem management activities when necessary
  • Co-ordinate the rapid and effective handling of major incidents and support andtrack escalations
  • Lead the investigation via root cause analysis (e.g. following on from major incidents) or through proactive trend analysis and monitoring
  • Co-ordinate and track escalations to minimize the adverse impact of service issues on the business

Identify any incident/request that requires increased focus and actions necessary to meet committed servicelevels

Reporting :

  • Review the incidents metrics and report on ticket resolution
  • Ensure the preparation and timely distribution of all incident reporting against SLA, OLA, and processes in place
  • Produce and present regular reporting including metrics on a per customer basis.
  • Provide trend analysis to understand customer satsfaction impact, recommend improvement or mitigation actions.