L2 Security Analyst (F/M)

Job description

PRESENTATION OF GROUP IT


Within Group Operations, Group IT defines and leads the technology strategy of the Group so that the AXA IT platform enables innovation & growth while ensuring the quality of service, aligned to business-driven priorities

Teams work together to enable the move from ‘traditional insurer to ‘technology led company', by :

· Providing streamlined, efficient & innovative IT services and products
· Ensuring a consistent customer experience with harmonized processes and a dedicated customer facing
· Being a catalyst of Cloud adoption and industrialization of operations, while optimizing cost
· Managing the AXA IT Platform, including the implementation of the IT strategy and the definition of the business & application architecture
· Protecting AXA Services employees, assets and data and ensuring security is an integral part of the IT culture and processes
· Driving the IT governance & the execution of the AXA global IT strategy

CYBERDEFENSE


Under Group IT, the Cyber Defense department provides the entities and markets with first line of defense services (field operations including Information Security Operations (ISOPs) and Security Operations Centre to protect, detect and react to Cyber threats.

POSITION MAIN ACTIVITIES

· Build on and continuously improve SOC analytics framework
· Ensure effective operation of SIEM content: filters, rules, expressions and other identification mechanisms of the threat and vulnerability management technologies used within the SOC
· Mentor and guide the First Level Security Analysts
· Provides professional data analysis within the SOC processes and to SOC customers to drive further security measures and risk mitigation activities.
· Responsible for execution and maintenance of SOC related analytical processes and tasks
· Detailed technical security reporting to AXA operating companies and appropriate stakeholders
· Work closely with other Information Security teams to ensure effective intrusion detection and incident response
· Continually maintain and improve technical capabilities through individual development activities, accreditations and certifications to remain constantly prepared to challenge the ever-evolving cyber threat
· Manage services delivered by an outsourcer
· Lead some technical topics

Stakeholders: Expected to interact with Technical Products, Group Security Operations, Regional Information Security Units, IT Operations & Business Operations External actors. Expected to interact with external third parties and vendors

Desired profile

Qualifications :

PROFILE, SKILLS & COMPETENCIES

Education
·  Bachelor's degree in computer science, Engineering, Information Technology or adequate experience if a degree from unrelated field
·  An MSc Information Security would be desirable but is not essential

Certifications

SEC555 GCDA or CISSP or FOR572 GNFA is a plus but not mandatory

Overall work experience in the field
·  Experience in information security domain > 3 years
·  Experience and/or knowledge in network and/or firewall engineering, system administration, design and implementation or related field > 3 years
·  Experience in security analysis and SIEM content development > 3 years
·  Work experience in a global organization > 5-7 years

Skills / abilities
·  Knowledge of SIEM products
·  Knowledge of network technologies, Windows and Unix administration
·  Knowledge of typical security devices such as firewalls, intrusion detection systems, AV and End Point security, Web Application Firewalls, antispam systems, event correlation systems, etc.
·  Understanding of security threats, attack scenarios; analysis and intrusion detection skills
·  Excellent analytical skills and out-of-the box thinking
·  Excellent communication & presentation capabilities
·  Team player
·  Fluent in English