Senior Security Manager (Security Technology & Operations)

About AXAAs one of the largest global insurers, our purpose is to act for human progress by protecting what matters.Protection has always been at the core of our business, helping individuals, businesses and societies to thrive. And AXA has always been a leader, an innovator, an entrepreneurial company, fostering progress in all its dimensions. Our purpose also links back to the Group's roots. From the outset, AXA has been committed to acting as a force for collective good. From solidarity-based actions with AXA Hearts In Action to work on prevention issues with the AXA Research Fund and the fight against climate change, AXA has always been attentive to its social environment and embraced its responsibility as an insurer: responsibility for taking action upstream in order to better understand risks, with one goal in mind: to ensure better protection.Our values reflect the culture that the Group's teams around the world live and express each day. The strength of AXA's company culture and its outstanding managerial continuity over more than 40 years can also be seen in the proximity of its values across the various periods. Courage, Integrity, One AXA and Customer First are the four core values adopted by the Group since 2016.Our Vision is to transform AXA's value proposition "from payer to partner", by delivering new services complementing the traditional insurance coverage and by building new business models to increase the protection of our customers.Key Responsibilities:Strategic Leadership and Vision: Develop and implement a comprehensive strategy for security technology deployment and operations management. Provide visionary leadership in integrating cutting-edge security technologies to protect the organization against emerging threats.Security Technology Management: Oversee the selection, implementation, and management of security technologies, including but not limited to, intrusion detection systems, firewalls, antivirus software, and security information and event management (SIEM) solutions. Ensure these technologies are optimally configured, updated, and maintained to provide maximum protection.Operational Security Oversight: Manage day-to-day security operations, ensuring robust monitoring, detection, and response processes are in place. Oversee the security operations center (SOC) and ensure incident response plans are effectively executed.Team Leadership and Development: Lead a high-performing team of security professionals. Foster a culture of continuous learning and professional development, ensuring team members are skilled in the latest security technologies and practices.Audit, Compliance, and Risk Management: Conduct regular security assessments and audits to identify vulnerabilities. Manage the risk assessment process and ensure compliance with relevant security standards and regulations. Oversee the development and implementation of policies and procedures to mitigate identified risks.Technical Skills Required:Advanced Security Technologies Expertise: Deep knowledge of and experience with advanced security technologies and solutions, including Next-Generation Firewalls (NGFWs), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM) systems, Endpoint Detection and Response (EDR) solutions, and Advanced Threat Protection (ATP) tools. Familiarity with encryption technologies, identity and access management (IAM) solutions, and network segmentation strategies.Cybersecurity Operations Management: Proven track record of effectively managing a Security Operations Center (SOC), including incident detection, response, and recovery. Expertise in developing and implementing operational procedures for threat monitoring, analysis, and rapid incident response. Knowledge of threat hunting practices and the use of artificial intelligence (AI) and machine learning (ML) in enhancing detection capabilities.Cloud Security: Comprehensive understanding of cloud computing models (IaaS, PaaS, SaaS) and cloud security frameworks. Experience in securing cloud environments, including AWS, Azure, and Google Cloud, through the implementation of cloud security best practices and tools.Security Architecture Design and Review: Ability to design, review, and enhance security architectures for complex IT environments. This includes understanding the principles of secure network design, application security, and data security. Expertise in conducting security architecture reviews and vulnerability assessments to identify and mitigate potential security risks.Regulatory Compliance and Standards: In-depth knowledge of international and regional regulatory compliance requirements and security standards, such as GDPR, HIPAA, PCI-DSS, ISO/IEC 27001, and NIST frameworks. Ability to guide the organization in achieving and maintaining compliance with these standards.Risk Management: Strong skills in identifying, assessing, and prioritizing cybersecurity risks. Experience in developing and managing risk mitigation strategies, conducting risk assessments, and implementing risk management frameworks.Project Management: Excellent project management skills, with experience in leading cross-functional teams in the deployment of security technologies and the execution of security projects. Familiarity with project management methodologies and tools.Automation and Orchestration: Knowledge of security automation, orchestration, and response (SOAR) tools and practices. Ability to implement automation to streamline security operations and response processes.People Management Skills:Leadership of High-Performing Security Teams: Demonstrated success in leading security teams that exceed performance expectations. Includes building team structures that facilitate collaboration and efficiency, as well as fostering a culture of continuous improvement and innovation.Motivation, Coaching, and Skill Development: Skilled in identifying individual team members' strengths and areas for growth, offering personalized coaching and mentorship. Implementing development plans that align with both organizational goals and personal career aspirations of team members. Encouraging a learning environment where team members are motivated to acquire new skills and certifications.Conflict Management and Positive Workplace Culture: Proven ability in handling interpersonal conflicts effectively, mediating disputes and promoting a culture of understanding and respect. Crafting strategies to enhance team cohesion and ensure a supportive, inclusive work environment where diversity is valued and every team member feels empowered to contribute.Goal Setting and Performance Monitoring: Expertise in setting clear, measurable objectives for the team and individual members, aligned with organizational priorities. Regularly reviewing performance against these goals, providing constructive feedback, and adjusting strategies as needed to meet evolving challenges.Talent Management and Professional Development: Strategic approach to talent management, including identifying potential leaders within the team and supporting their growth through targeted training and leadership opportunities. Fostering a culture of professional development, encouraging team members to pursue opportunities that enhance their skills and contribute to their career progression.Relationship with Partners:Establishing and Maintaining Strong Professional Relationships: Ability to forge and sustain robust professional relationships with a wide range of. This includes regular communication, understanding their capabilities and limitations, and aligning their services with the organization's security needs.Negotiation and Contract Management: Skilled in negotiating terms and managing contracts with security service providers to ensure that agreements meet the organization's security requirements and budget constraints. This includes the ability to articulate clear service level agreements (SLAs) and ensure compliance through regular review and adjustment processes.Collaboration on Shared Security Initiatives: Experience in initiating and managing collaborative security projects between companies, including joint ventures, shared threat intelligence, and collective defense strategies. Demonstrating the ability to work across organizational boundaries to enhance the overall security posture.Security Governance with Partners: Developing and implementing governance frameworks to oversee the security aspects of partnerships. This involves setting up regular governance meetings, establishing clear roles and responsibilities, and ensuring that partners adhere to agreed-upon security standards and practices. It includes the management of shared risks and the seamless integration of partner services into the organization's overall security strategy.Qualifications:Advanced degree in computer science, information security, or a related field.Significant experience in a similar role, ideally in a similar environment.Desired professional security certifications (ISO27XXX, CISSP, CISM, CRISC, etc.).Proficiency in English, both written and spoken.Intercultural sensitivity, flexibility.Organized with a proven ability to manage workload, meet deadlines, and use time efficiently.Good interpersonal and communication skills, effective teamwork.Ability to function in a matrix structure.Strong analytical skills. PRB