Security Architect Spain

The Security Technical Design Lead plays a critical role in bringing specialized expertise in Security architecture to GO Security teams (Product Security Office, Engineering Center). They ensure complex projects from AXA GO meet security standards, participating in the definition of compliance and security technical controls for products.

The division

You will join the Group Security division, which defines security standards for AXA entities, oversees the overall security posture across the Group, and provides centralized services such as Crisis Management and Security Operations Centre.

Throughout AXA Group, the security community consists of approximately 1000 security professionals working daily to protect our customers, operations, brand, and people. Our security disciplines include Information Security, Physical Security, and Operational Resilience.

Our main missions :

• Monitor the Security Threat Landscape
• Define and oversee Security Standards and Strategy implementation across the Group
• Drive security objectives with C-Level executives (COO, CIO, CTO, CFO…) of AXA entities
• Ensure the security of Group Operations
• Provide centralized security services and products to AXA entities

AXA Group Security is divided into 4 main blocks :

• Corporate functions: Security Advisory, Standards, Governance, Risk & Assurance, Strategy, and Awareness
• CyberDefense: Group security services and products provider
• Group Operations Security: Security of the hosting entity
• Corporate Chief Security Officers: Oversight of entities’ security (Corporate Centre, European Markets, International Markets)

The department / team

Group Operation Security (GO Security) is part of AXA Group Security, tasked with securing AXA GO as an entity and securing GO Products delivered as a Service to other AXA entities.

About the job

Job purpose

As the GO Security Technical Design Lead, your main objectives are to :

• Define and maintain the Technical Security Pattern Library and knowledge base, aligned with Group Architecture, GO Security Policies, and Standard GO Cyber Defense Products
• Perform architecture security reviews for large and risky projects/products supporting GO Security teams, especially Product Security Office and GO Security Engineering Center

Some main topics/technologies include Zero Trust, network segregation, Public Cloud (AWS & Azure), Containerization (OpenShift), Identity and Access Management, API security, security services (A/V, EDR, SIEM), Artificial Intelligence (AI) integration, Shadow Cloud, etc.

Main responsibilities :

• Own the GO technical security pattern library and knowledge base
• Evaluate security design and threat models for architecture, including network, application, and data security measures for complex projects
• Define new security controls for complex products in coordination with GO Security Engineering and Cyber Defense teams, aligned with industry best practices and security policies
• Provide recommendations to improve security posture, including remediation and risk mitigation strategies

Requirements :

• University degree in computer science, information security, systems architecture, or related field
• Significant experience in security architecture design and evaluation
• Deep expertise in security architecture, threat modeling, security kill chain, infrastructure technologies, and cloud security

Technical skills :

• Extensive knowledge of security architecture principles and best practices
• Familiarity with cloud technologies and security tools
• Ability to define and assess security controls for complex solutions
• Strategic mindset and resourcefulness
• Analytical thinking and problem-solving skills
• Ability to work independently and collaboratively
• Fluency in English; French is an advantage

Location: Madrid, Community of Madrid, Spain