Regional IT Risk Management Specialist

Location Spain, Spain
Experience level Experienced Hire
Job details sector Risk Management
Apply before 11/11/2016

Haga clic en el botón “Inscribirse”.En caso de que dicho botón esté inactivo o requiera información adicional, puede enviarnos su solicitud por correo electrónico a:


•             Bachelor’s degree minimum; Master’s degree or relevant certification preferred

•             A minimum of ten (10) years’ work experience, preferably in Financial and IT Services industry, including management experience

•             Understanding of insurance, financial, and information risk management and mitigation controls; risk transfer methodologies; corporate governance, regulatory controls and compliance; and vendor risk management

•             Excellent knowledge of IT systems, processes and controls

•             Experience in the design and development of governance frameworks and project management

•             A demonstrated ability to successfully lead multiple competing priorities from the business areas, Risk/Compliance or IT is critical

•             Strong ability to manage relationships within a global company

•             Strong experience in strategic, critical and analytical thinking and pragmatic problem solving

•             Superior communication, negotiation and presentation skills

•             Ability to influence preferred outcomes across all business areas of the Company

•             Superior organizational, analytical and research skills

•             Ability to work well under pressure while completing timely, executive level deliverables

•             Excellent PC skills with proficiency in all Microsoft Office applications (e.g., Word, PowerPoint, Excel, Visio, Project Manager, Access) and e-mail/calendar software

•             Ability to elicit cooperation from a wide variety of sources, including management, clients, other departments, and vendors



•             Strong understanding of technology risk

•             Experience with identifying risks in complex, interactive systems

•             Ability to travel globally

•             Strong analytical and technical skills

•             Proven track record of successful ability to influence others and achieving shared goals

•             Exceptional interpersonal skills with a demonstrated ability to communicate findings, win supporters and move people and organizations to action

•             Experience in the insurance or financial sector

•             Expertise in Technology Risk Frameworks such as ITIL, ISO 2700x, COBIT, ISF, etc.

•             Industry recognized certifications (e.g., CISM, CISA, CRISC, ITIL, CRMA, CIA, PMP)


To support our business strategy and information and technology risk, AXA is building a new GIE Information Risk Management (IRM) practice to enable information risk decisions to be made consistently across the organization and establish sustainable risk management capabilities that are integrated with the business. 


Primary mission:

The protection of information is a shared responsibility of all AXA entities, including all AXA employees, agents, and advisors.  To guide AXA in this effort, IRM is responsible for leading the enterprise's approach for managing existing and emerging risks associated with the stewardship of AXA information.  IRM oversees risk identification processes as well as manages risk treatment initiatives in place to protect data from technical and administrative threats and vulnerabilities.  All forms of data related to AXA entities, employees, customers, business partners, and other stakeholders are within the scope of IRM. 


General Responsibilities:

  • Ensure Group  I&T Risk Management sponsored initiatives across EMEA LATAM countries
  • Identify, sponsor, and communicate best practices for information risk based matters
  • Work with applicable stakeholders to complete global IRM projects,
  • Establish and manage reporting to encourage transparency into information risk activities, projects, and initiatives
  • Support bi-directional communication channels to ensure strong oversight of regional and entities information risk programs is established aligned with Group governance
  • Analyze internal/external trends and research and apply as inputs to assist in directing the enterprise’s strategy for managing information risk


Core activities:

  • Along with stakeholders throughout Risk Management and business areas assist the implementation of solutions and tools that assist in assure I&T program adherence.
  • Assist in the identification and implementation of best practices  for risk based projects
  • Support and sponsor IRM governance at Entity level,
  • Assess and establish I&T Third Party Risk protocols following Group program.
  • Direct I&T Policy Lifecycle Management (PLM).
  • Maintain an effective set of  policies that meet legal, regulatory and commercial requirements and are aligned with AXA’s risk appetite and industry good practice that support effective management of risks and that align with related policies
  • Deliver proposals for policies and assists with evaluation, editing, impact assessment, approval-process and publication in close cooperation with relevant stakeholders (CISO’s, compliance, procurement etc.).
  • Support the definition and landing of I&T information and technology risk framework, risk acceptance process, and issues and exception management.


AXA Emerging Markets EMEA-LATAM is one of the region of the global insurer AXA covering emerging markets. It has operations in Middle East & Africa, Turkey & Azerbaijan, Latin America and other growing markets in Europe. Present in 29 countries, the Region has 21 million customers and 14,000 employees with activities in Property & Casualty and Life & Savings. To support the business operations in the countries, the regional platform offers a multicultural and diverse environment (languages, countries, nationalities) and multiple career development opportunities.