Consultant - IT Security

About AXAAs one of the largest global insurers, our purpose is to act for human progress by protecting what matters.Protection has always been at the core of our business, helping individuals, businesses and societies to thrive. And AXA has always been a leader, an innovator, an entrepreneurial company, fostering progress in all its dimensions. Our purpose also links back to the Group's roots. From the outset, AXA has been committed to acting as a force for collective good. From solidarity-based actions with AXA Hearts In Action to work on prevention issues with the AXA Research Fund and the fight against climate change, AXA has always been attentive to its social environment and embraced its responsibility as an insurer: responsibility for taking action upstream in order to better understand risks, with one goal in mind: to ensure better protection.Our values reflect the culture that the Group's teams around the world live and express each day. The strength of AXA's company culture and its outstanding managerial continuity over more than 40 years can also be seen in the proximity of its values across the various periods. Courage, Integrity, One AXA and Customer First are the four core values adopted by the Group since 2016.Our Vision is to transform AXA's value proposition "from payer to partner", by delivering new services complementing the traditional insurance coverage and by building new business models to increase the protection of our customers.Job Responsibility IT Security Working with the IT/IS teams to implement the requirements identified in the AXA Partners Security Policies and Group Security Instructions by helping to develop and oversee operational security controls (aligned to ISO27001/2); Such as:- • Access recertification campaigns. • Coordinate in governance of technical security testing (penetration testing, SAST/DAST, vulnerability scans) of assets with Cyber Defense Application Security team, • Implementation of technical security baselines, increasing Minimum Technical Security Level compliance score. Consolidation of MTSB score and bring in improvement in the process of pre-filled tracker • Help aggregating data for MTSB V2 Follow up. (MS Excel, Power BI skills to be applied) • Gathering and validating artifacts and evidence on the operation of security controls through the Information Security Assurance Framework • Providing direction on the interpretation of security policies and instructions Working with IT / IS teams to ensure the implementation & monitoring of the security remediation and mitigation actions with the Product Managers and IT Teams identified through internal governance activities (Security Risk Assessments, Security Assurance Plans, Information Security Assurance Framework, Product Security Forums, Internal Audit reports or Technical Assurance Testing) • Support the IT /IS Operation in various governance Forums, such as maintain minutes and actions. • Deliver/Maintain up to date Product Security Reports • Ensure that security requirements are taken into account on each step of SDLC or projects, collaborating actively with the Security in Projects team Skills Required • Ability to translate security concepts and requirements into language that the business and other nontechnical stakeholders can understand. • Excellent time management skills, including the ability to manage a demanding and variable workload with tight deadlines. • Strong communication and inter-personal skills. • Good analytical skills and the ability to clearly identify key issues. • A strong customer focus to ensure internal stakeholder needs are met. AXA - GBS Internal Knowledge and Experience • A minimum of 3 years IT/Security experience • Working knowledge of Information Security Management System ISO 27001/2. • Good understanding of Public Cloud services and technologies and SaaS based applications. • Good understanding of networking and infrastructure technologies and architecture fundamentals • Good understanding of Application Security fundamentals• General understanding of EU Data protection requirements. • General understanding of EU Financial services regulation, and regulatory reporting requirements. • General understanding of Financial Services business processes. PRB