IT Security Operations Manager F/M

AXA Partners “Focus & Transform strategy” is shaping Global Operations’ strategic ambition: “bringing simplicity and enforcing transversality, breaking down silos, to succeed in providing a superior customer experience”.

Global Operations has 3 strategic priorities:

• Reposition AXA Partners as the Preferred Business Partner
• Boost AXA Partners to become an Agile Global Organization
• Mature AXA Partners as a Safe, Secure and Resilient company

“Becoming a tech-led company” is one of the strategic enablers and Information and Technology will play a continuously increasing role to help AXA Partners achieve its transformation.

The AXA Partners security model relies amongst other principles on a segregation of duties between second line of defence (oversight security teams) and the first line (IT teams).

As part of the first line of defence, and dedicated to Information security topics, AXA Partners is looking for an IT Security Operations to cover both the geographical scope of Asia and be the subject matter expert on Infrastructure security.

The IT Security Operations will lead & cooperate with the regional IT teams in their execution of IT security controls by providing operational and technical expertise, ensuring the proper deployment of the security strategy, executing transversal controls and contributing to the design of secure infrastructure processes and controls worldwide.

The role will have 2 reporting lines: hard line to the Regional Chief Information Officer and dotted line to the Head of Operational Information Security.

Dimension of the role:

The IT France Security Operations acts both regionally - locally for AXA Partners and:

• Ensures that Information Security topics related to IT are properly addressed on his scope
• Provides guidance and expertise on Infrastructure security topics as the region - local subject-matter expert

Main Missions are the following:

• Act as the principal point of contact on IT security topics in your geographical scope by building fruitful relationship with all stakeholders (Regional and local IT, Security family)
• Translate top-down policies & requirements and ad-hoc requests into operational processes tailored to the needs and specificities of the region. Those must be in compliance with guidelines provided by the global Operational Information Security team.
• Lead the deployment of new IT security activities in the region while ensuring proper transitioning to BAU (process documentation, RACI…)
• Ensure development and maintenance of auditable processes to enforce consistency across the region
• Actively push and follow-up initiatives pertaining to the automation/efficiency of security controls and agility in security
• Provide reportings, dashboards and KPI/KRI’s and follow-up the execution of security controls in the region in complement of Operational Security perimeter
• Ensure proper and up to date documentation of security controls and security related IT processes in the region
• Infrastructure & Obsolescence Security topics - act as the SME on Infrastructure Security topics such as OS Hardening, Firewall/WAF, Encryption, workstation and mobiles devices security for example
• Incident response: build and maintain an efficient incident response framework in your scope fostering collaboration with all IT teams
• Analyse & remediate any identified gaps by Central security solutions within the region
• Manage and operate local security solutions if any in collaboration with other members of the team worldwide

Technical/ Functional Knowledge, Skills and Abilities

• Extensive and practical knowledge of IT infrastructure and technical security technical topics including:
• Implementation and support of solutions for Encryption and PUAM
• OS patching and hardening
• Active Directory
• End point protection solutions
• Firewall/ WAFs / Proxies
• Knowledge of security frameworks, standards, and guidelines
• Ability to formalize technical documentation and more high-level presentations
• Excellent Interpersonal relations & communication skills
• Ability to deliver work / tasks with minimum supervision and effectively operate in an agile environment.
• Demonstrated expert judgment with the ability to quickly identify, analyse, evaluate and resolve problems
• Ability to adapt to a fast-moving environment
• Collaborative working to achieve collective goals, ability to facilitate transversal/cross function collaboration, create trust and develop a “share-to-succeed” mindset
• Business acumen and understanding of organizational issues and challenges
• Fluency in English (verbal and written)

Education, Professional Qualifications and Experience

• Minimum 8 years in IT amongst which 2 years dealing with Security topics.
• Degree in computer science or Information Security
• CISSP, CCSP or CISM or technical certification preferred
• Experience in Financial industry of other highly regulated environment preferred