Information Security Consultant (H/F)
Paris (Paris) Développement informatique
Description de l'offre
With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders. AXA is setting-up a Group Information Security practice in order to reinforce its short-term risk reduction strategy, aligned with AXA strategy & culture and based on the industry standards.
Business unit statement
To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees'
Job purpose
·
Manage relationship with Chief Information Security Officers and SE region OpCos security consultant
·
Be the main point of Contact for OpCos to Axa IT Technical Products Department Security
·
Manage Axa Services Infrastructure security project portfolio (including group security transversal program) for some SE regions entity
·
Contribute to preparation and attend Monthly steering committees with OpCo's Head of Security and/or CISO
·
Cascade group security to OpCo's head of security
Company statement
With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders. AXA is setting-up a Group Information Security practice in order to reinforce its short-term risk reduction strategy, aligned with AXA strategy & culture and based on the industry standards.
Business unit statement
To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Information Security is to ‘protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way, fully supported by executive leadership and underpinned by all AXA employees'
Job purpose
·
Manage relationship with Chief Information Security Officers and SE region OpCos security consultant
·
Be the main point of Contact for OpCos to Axa IT Technical Products Department Security
·
Manage Axa Services Infrastructure security project portfolio (including group security transversal program) for some SE regions entity
·
Contribute to preparation and attend Monthly steering committees with OpCo's Head of Security and/or CISO
·
Cascade group security to OpCo's head of security
Key responsibilities – accountabilities
Description
Level*
Service level management :
· Collaborate with the Local Head of Security in the design of appropriate metrics for reporting on key performance and quality indicators
· Assist in developing material for service presentations to explain the operation and support of technology security services
Crucial
Security Vendor Management
· Support third party security providers for ISOPS to monitor and review their compliance to SLAs, OLAs as per the agreed contract
· Work with third party service providers to ensure third party service reports are in line with customer requirements and metrics
· Conduct regular reviews with vendors to collect incident trends and service improvement areas
Crucial
Service reporting
· Collaborate with Business Relationship Manager and service delivery teams to validate service metrics definition and terms of reference for reporting
· Develop and document service metrics based on reporting requirements
· Setup, configure and maintain tools and templates to generate metrics and reports
· Generate and produce reports on pre-agreed templates and content. Setup, configure and manage
· Collaborate with Business Relationship Manager to
· Ensure the preparation and timely distribution of all operational Service Reporting against SLA's.
· Produce and present regular service management report data including metrics (e.g. platform availability) on a per customer basis.
· Provide trend analysis of service levels to understand customer satisfaction impact, recommend improvement or mitigation actions
Crucial
Profil recherché
Qualifications :
Qualifications
Education
·
Bachelor degree in Computer Science, Engineering, or related field.
·
An MSc Information Security would be desirable but is not essential
Certification
·
Information Security and/or Information Technology industry certification (CISSP, CISA, CISM, GIAC or equivalent)
·
ISO 27xxx certification (27001 Lead Implementer, or Lead Auditor or ISO 27005)
·
ITIL v3 certified to at least Foundation level
Overall work experience in the field
·
Working knowledge of ITIL Service Management concepts and processes, including: incident management, change management, problem management, service request management, configuration management > 2 years
·
Experience in a multi-national, shared services environment, including clear customer service and resolution of escalated issues > 2 years
·
Overall experience in Information Security > 2 years
·
Overall experience in reporting of security services > 2 years
Skills / abilities
·
Cross cultural sensitivity, flexibility
·
Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
·
Good interpersonal and communication skills, works effectively as a team player
·
Ability to function effectively in a matrix structure
· Good analytical skills
· Fluent in English