Offers “Axa”

Expires soon Axa

Information Security Officer Cloud

  • Paris 1er Arrondissement (Paris)
  • Marketing

Job description



You are going to ensure policies and mechanisms are in place to meet compliance requirements across the cloud. If not, define the relevant security To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees'.

Job purpose

·
Lead the local implementation of the Target Operating Model, agreed between Group CSO and Local CIO, in line with the Corporate CSO

·
Act as a key advisor to local entity senior management (CEO, CIO, CRO, Corporate CSO) on information security matters (e.g. information risk management, cybersecurity, information security control, monitoring, information privacy, operations, identity access management, security architecture, forensics)

·
Act as a leader at the local entity to drive security in terms of assessment, risk appetite, report and promotion in an entity to advise and challenge businesses

·
Drive cultural and organizational change throughout the local entity and implement a sustainable information security practice

·
Lead, develop and deploy a portfolio of security services for the local entity

·
Contribute to the development of the security shared services and ensure implementation of the shared services within the local entity

More specifically, the Security Officer Cloud will:

·
Ensure cloud strategy is aligned with the security standards of Group security, cyber security team, SOC, and entity security

·
policy in the cloud, collaborating with IT Architecture and IT Operations

·
Identify risks where security requirements cannot be fully addressed in the timeframe of a project

·
Address security questions and concerns from any part of AXA related to cloud security platform in public and private

·
Detect and react to security related incidents and audit points across cloud platforms

·
Ensure new products and features are securely built

·
Ensure cloud adoption is aligned with the IAM processes

·
Manage and minimize non-compliant AXA cloud instances in AWS/ Azure and bring those instances back to managed public cloud platform if possible

·
Validate cloud policies with new cloud vendors such as google, SAP, Oracle and ensure security topic is complied with the changing regulations

·
Look for opportunities where security can be optimized and enhanced

Desired profile



Qualifications :

Education & certification

· 
A degree in information security, computer science, information management systems, Business, Accounting or related field

· 
A post-graduate degree in security or general management (such as an MBA) is an advantage but not essential

Certification

· 
Information Security and /or Information Technology industry certification (CISSP-ISSAP, CISM, ISO 27001 Lead Auditor, GIAC or equivalent) strongly preferred

· 
Business Continuity Industry certification (MBCI, DRII…) ) is an advantage but not essential

· 
Physical security certification (CPP, PSP, BTEC…) ) is an advantage but not essential
Overall work experience in the field
· 
Experience in security, IT audit or related area > 10 years

· 
Leadership/ management experience > 7 years

· 
Previous experience managing a remote/international team preferred

· 
Previous experience as interim or acting Chief Information Security Officer, Physical Security Officer, Operational Resilience Officer, Business Continuity Officer or extensive experience reporting to a CEO, CIO, Chief Audit Officer, Chief Risk Officer or other senior executive in an international organization.

Skills / abilities

· 
Ability to effectively negotiate a decentralized and political corporate environment

· 
Strong networking skills

· 
Team player

· 
Ability to apply analytical rigour to understand complex business scenarios

· 
Fluent in English

Make every future a success.
  • Job directory
  • Business directory