AXA Partners "Focus & Transform Strategy" is shaping Global Operations' strategic ambition: "bring simplicity and drive transversal processes, breaking down silos, to succeed in providing a superior customer experience in line with our Customer2020 ambition". Global Operations has three strategic priorities:
Reposition AXA Partners as the Preferred Business Partner Boost AXA Partners to become an Agile Global Organization Mature AXA Partners as a Safe, Secure and Resilient company The ambition of the security organization is to evolve themselves to a business partner role, delivering value to the business while simultaneously reducing and managing their risk.
It is envisaged that this will happen by following a risk-based strategy and security improvement program with common objectives and controls.
Who are you? The Local Security Officer is key to ensure that the three pillars of Security (Information Security, Operational Resilience and Physical Security) within the entities are relevant, cost-effective and delivered in accordance with the Group Security and CSO AXA Partners Strategy. The Local Security Officer will support AXA Partners countries to move from a pure compliance check approach to a risk-based approach. The individual will be responsible to identify and understand current security gaps locally and globally to standardize processes and drive proper prioritization and adequate improvement plans.
What does your day-to-day look like? Collaborate with and support the Group Security Practice. Ensure presence, quality and effectiveness of processes & controls by interacting with AXA Partners CSO, CISO, CORO, CPSO, GRC, Regional Security Officers, Global Security Center, SO and other stakeholders as necessary. Serve as an expert advisor to the local entities in the implementation and maintenance of security and resilience processes and controls. Ensure policies, shared security services and action plans are implemented based on the Group Security and AXA Partners Strategy. Identify and analyze risk (for employees, systems and business), recommend appropriate mitigation options. Assess the impact on the business environment and align appropriate mitigation actions or the prioritization of projects and investments within the entity. Escalate the need to redirect investment or change practices to mitigate critical risks and ensure legal, regulatory or commercial compliance. Implement continuous improvement processes and activities (e.g. good practices, reporting, problem resolution) to ensure quality and relevance of security services. Monitor and maintain system confidentiality, integrity and availability and manage all security incidents with the GRC. Promote a culture of security/mindset and raise awareness. Oversee the execution of security within BAU/projects/processes in collaboration with the central GRC team. Ensure development and maintenance of auditable processes to enforce consistency across the region. Work closely with all the Security and Operational Resilience stakeholders in the country & the region to leverage on teamwork. Identify and implement coordinated responses to security audit and compliance issues. Attend to the local CMT if requested to provide expertise and support. Your Profile Your skills and experience:
Your strong background in IT-risk analysis, auditing and/or information security practices with experience in financial/insurance industries would be greatly beneficial. Your excellent problem-solving skills and ability to plan and execute on project plans will help you to deliver work autonomously with minimum supervision and effectively operate in our dynamic and global organization. Due to the nature of this role, you will need to have strong knowledge of risks and risk-mitigation strategies as well as information-security-awareness training experience. Our very fast-paced environment will require you to demonstrate your ability to handle multiple tasks with shifting deadlines and priorities. You are highly organised with a strong management background. You will be required to interact effectively, internally and externally with all levels across the company including executive management. Team player:
Actively contributes in order to complete tasks to meet goals or manage projects. Actively listen to improve the product or process at hand. Understand that their team's success is their own success and share responsibility. Education, Professional Qualifications and Experience Experience with IS/OR and/or PSS risk control standards, norms, frameworks and regulations (e.g. ISO 27x, NIST, ISO 22301, GDPR) applicable to the security field. Extensive knowledge of auditing or security tools and solutions. Bachelor's or Master's degree in computer science, Engineering, or related field.
#J-18808-Ljbffr