Security Analyst (F/M/X)
AXA en France
Contract type
permanent
Function
Functional Analyst, Consultant (Specialist), IT-Security, Project / Program Manager
Education
bachelor degree, master degree, doctorate
Location
PARIS, 75, Île-de-France, France

JOB ENVIRONMENT

With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders. 

As an integral part of AXA, at AXA Group Operations (AXA GO) we create innovative technology and data solutions to help AXA fulfil its ambition of being a customer-focused, tech-led company. AXA GO is a young and dynamic division launched in 2019 and comprises 8,000 employees across 17 countries all around the globe from Paris, France to Pune, India. We are the ones providing advice, steering technological choices and giving AXA access to innovations that will support its transformation into a customer-centric tech-led company. For this, we work in close partnership with all AXA entities.

PRESENTATION OF THE CONTEXT AND AXA GROUP SECURITY

Throughout AXA, the security community represents 1000 security professionals, working daily to protect our employees, customers, operations and brand. Our operating model gathers the three security disciplines Information Security, Operational Resilience and Physical Security & Safety. Our security mission is to ensure that AXA is safe, secure and resilient.

AXA Group Security, as part of AXA GO, defines the security strategy, standards and provides assurance to the Group on the security maturity of all entities across AXA. In its role, it also supports our professional family in entities in maintaining their security posture and respond and coordinate responses to crisis.

This is accomplished through four strategic levers:

  • Safe: It is about our people, have them ready to face security challenges including third parties, health professionals

  •  

  • Secure: Secure the business of today and tomorrow, by increasing security effectiveness on a risk-based approach for all entities.

  • Resilient: Enhance anticipation, detection and reaction capabilities in case of events & Security by design

  • Simple: Simplify, converge and automate our services and activities

The Strategy and Awareness team is setting up the vision based on research and anticipation & raising security awareness.

The Security Strategy and Awareness team oversees:

  • Security Strategy, Threat Anticipation & Research: Bring the outside in and the inside out, to drive security from necessity to advantage.

  • Security Awareness & Behavior: Disseminate and make adopt the security culture.

Our missions are to:

  • Define One Security Strategy for AXA, aligned across all entities

  • Provide cutting-edge research on security

  • Help AXA Group and its entities anticipate emerging threats in Information Security, Operational Resilience and Physical Security & Safety in a converged manner

  • Drive security awareness and behavior towards all AXA employees

  • Position AXA externally as a strong security leader

Our goals are to:

  • Align the security strategy to the business needs and the risks that AXA faces in a fast-moving environment

  • Drive threat anticipation within AXA and its entities to prepare and strategize the organization’s response

  • Raise security awareness and change AXA employees' behaviors across the Group

  • Monitor security trends and technologies to help prioritize actions and develop a culture of anticipation and innovation

  • Engage and build external relationships to position AXA as a security leader and bring the outside in.

POSITION MAIN ACTIVITIES

  • Contribute to the Security Strategy design

AXA Group Security has the mandate to define the Security Strategy of AXA and review the local security strategies to make sure they are aligned and adequate to meet the group requirements.

Today AXA has decided to enlarge the coverage to the smaller entities of the group and this effort will require additional resources inside Security strategy and awareness team.

The position will have a key impact on the design and update of AXA security strategy and position of AXA outside on security topics:

    • Engage with different levels of stakeholders (business stakeholders, external analysts and experts, technology firms, governance bodies, external forums and peers).

    • Support the development and delivery of the security strategy of the group.

    • Prepare high level presentation for Executives to explain strategic prioritization.

    • Help local entities deliver their security strategy.

  • Contribute to the thought leadership initiatives and engagement program driven by the team for Group Security with both internal and external partners

AXA is joining the French Campus Cyber and has the ambition to be leader of Dow Jones Sustainability index:

    • Contribute to the thought leadership initiatives and engagement program driven by the team for Group Security with both internal and external partners.

    • Coordinate the actions of the different AXA people engaged in the Campus Cyber activities.

    • Contribute to preparing the relevant information to the Dow Jones Sustainability index and other benchmarks

    • Participate in industry education and networking events, maintain relationships with external bodies and peers.

  • Contribute to Security Research and Innovation

AXA needs to anticipate upcoming trends in technology so as to cover for the possible emerging security issues:

    • Contribute to the ongoing research and analysis of emerging technology, risks and industry trends.

    • Contribute to the assessment of the impact on the business environment and recommend appropriate mitigation actions for inclusion into the Group Security Strategy

    • Complete or contribute to a security horizon scanning to anticipate new processes, technologies and solutions to be implemented

    • Write short briefing documents on topical security issues (including cyber security, physical security and operational resilience)

    • Contribute to the security research and innovation community and actively participate in appropriate meetings/events/newsletter/two pagers

    • Make sure to share the findings in newsletters or events

Scope: Worldwide

Stakeholders: The Security Analyst will work within AXA Group Security, with Group Risks Management, Compliance, Group Internal Audit, CSOs of local entities and external partners via the Campus Cyber. The Security Analyst will need to interact with external stakeholders as well, including our peers, industry forums, regulators strategy consultants, providers of security solutions, etc.

PROFILE, SKILLS & COMPETENCIES

EXPERIENCE

  • Business strategy/Consulting/Finance

  • Security

  • Tech and data / data science

QUALIFICATIONS

Education

  • Bachelor’s degree in Business, Project Management, IT or a related subject.

  • An MSc in Information Security would be desirable but is not essential, a PhD is a plus.

Certification

  • Information Security and /or Information Technology industry certification (CISSP, CISM, GIAC or equivalent) preferred

  • Member of CIISec or have the qualifications, skills and experience to become a member

Overall work experience in the fields

  • Experience in Security > 3-5 years (required)

  • Experience in converged security environments is a plus

  • Experience in delivering Strategy

  • Experience in Data Science/Data Analysis

  • Experience in security technical domains such as Identity and Access Management, Data management or Security in RPA/Automation/AI will be a plus

Language

  • Fluent in English is a necessity (including technical Information security English)

  • French is a plus

SKILLS/ABILITIES

Leadership

  • Effectively communicates the group vision and goals and the benefits in achieving the strategy

  • Takes calculated risks in decision-making and seeks inputs from the team / stakeholders for the same

Strategic Thinking

  • Articulates a vision, develops organizational goals and strategies

  • Maintains a wider perspective, aligns actions and contributes to the enhancement overall organizational strategy including outputs from benchmarking activities and reviews

  • Understands and articulates the projected direction of the organization and how changes to it might impact the Group

  • Is aware of the trends in the external environment and key differentiators vis-a-vis competition and uses this information to anticipate how these changes would impact the organization

Problem solving

  • Recommends solutions relevant to the complexity, scope, risk and magnitude of problem

Planning

  • Required to analyze and critically evaluate information as well as formulate plans based on multiple sources of information

  • Forward planning required e.g. target setting and forecasting trends

  • Plans up to 2-5 years ahead (particularly when preparing budgets and resource requirements), in accordance with the project/program portfolio to ensure its successful delivery Provides input into planning and prioritization of project activities

  • Ability to manage action plans, review progress and adjust where required

Decision making

  • Advises on decisions regarding strategy, policy, and structures

  • Quick to assimilate and integrate new information for informed decision making

  • Monitor changes in the operating environment, quick to act upon potential opportunities

  • Able quickly evaluate a situation or issue and take the initiative within limits of authority

Coaching and Mentoring

  • Coaching: The process of assisting entities to set goals then supports the execution of the goals through establishing strategy and providing feedback, insight and guidance to enable the entities to reach their fullest potential.

Interpersonal skills

  • Assertiveness, empathy, active listening, seek and give feedback

  • Oral communication, persuasive skills

  • English (mandatory) and French (a plus)

We bring together the expertise, cultural diversity and creativity of over 8,000 employees worldwide and we’re committed to equal opportunities in all aspects of employment (gender, LGBT+, disabled persons, or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued.