Detection & Response Security Lead Expert

JOB ENVIRONEMENT

With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, ref AXA, at AXA Group Operations (AXA GO) we create innovative technology, including data and security, solutions to help AXA fulfil its ambition of being a customer-focused, tech-led company. AXA GO is a young and dynamic division launched in 2019 and comprises 8,000 employees across 17 countries around the globe from Paris, France to Pune, India. We are the ones steering technological choices and giving AXA the technology innovations that will support its transformation into a customer-centric tech-led company. For this, we work in close partnership with AXA entities world-wide.

PRESENTATION OF THE CONTEXT / TEAM
Security Design and Technology (SDT) improves the security of AXA by realizing the Cyber Defense security services we need to protect AXAs technology, customers, and company. We manage the architecture portfolio of these Cyber Defense products, together with the product managers and (product) SMEs. SDT supports Group Operations (GO) IT security in general by providing security architecture support for the integration of its security products.

The Cyber Defense solutions are based sources, and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders. 

As an integral part oon company instructions, regulations, and business needs around the globe. It is the role of SDT to find solutions that meet the often-conflicting business requirements and mitigate the identified Cyber Risks.

SDT is a global team which consists of ten employees based in France, Spain, United Kingdom, and the United States.

JOB PURPOSE
In 2019 Cyber Defense started a journey with a new SOC platform in the public cloud. Serving AXA entities around the globe with Security Monitoring services. The SOC collects logs from, for example, Classic Data Centers, Microsoft 365, AWS, GCP, Salesforce, Azure, and other SaaS platforms.

A successful SOC is a combination of platform, data, detection rules, and incident response. As the SDT Detection & Response Security Lead Expert you work together with the SOC, product teams and SDT SOC Security Platform lead, to assure we have the right capabilities to detect and respond to the relevant cyber threats. It is part of your responsibility that AXA has the right processes, roadmap, and approach regarding the SOC Use Case Kits. 

Your work consists of the following activities. 
•    Work with the security research team to identify the cyber threats, and with the SOC and our partner to find the correct Use Case Kits to address them. Understanding of the MITRE ATT&CK framework is essential, as we use it to determine our coverage and select appropriate Use Case Kits. You work with entities around the world, product teams and SOC BAU team to identify additional Use Case Kits we need to protect our business or Use Case Kits that are no longer needed
•    You will be in the lead to guide the IT project/ product teams to mitigate their identified security threats via Cyber Defense services. It will be your task to determine if security monitoring is the most efficient/cost effective way to address the risk, if the project team should implement another product from our Cyber Defense portfolio or if there are other preventative (security) measures possible
•    You will lead (and participate) in projects and initiatives to improve our Detection and Response capabilities covering a wide range of security expertise

MISSIONS
Protect AXA by
•    bringing the requirements of the SOC, Entities, threat landscape and external regulations together in a clear plan to move ahead
•    supporting IT project/products in their security risk mitigation by identifying the suitable prevention, detection and response methods
•    improving our detection and response capabilities

PROFILE

The key functions of the role is outlined below:

    Translate Group IT strategy and Group Information Security strategy into actionable technical cloud security strategy, roadmaps, plans and projects for AXA SOC Use Cases
    Provide SOC security input into the Group IT and Group Security strategies 
    Work with the cloud center of competence(s) to create and maintain the cloud security monitoring roadmaps
    Be the global SOC cloud (based on Sentinel) Detection & Response Security Lead 
    Drive the continuous improvement and security risk reduction by:
o    identify improvements/opportunities with existing security monitoring technologies 
o    drive the adoption of new innovative security monitoring technologies and services
    Work with the Cyber Defense Product Managers to ensure the incident response teams get maximum benefits of their data collected and used for security monitoring
    Work with information security risk specialists and IT owners address their security monitoring needs
    Working with Group CTO, entity CTO’s, Chief Architects IT Chapter and Product Heads to align security technologies, services, and controls into the wider entity IT strategies
    Work with the SOC BAU Teams and peers to drive consensus on the SOC product strategy to execute
    Work with entities to identify and document entity requirements
    Work with AXA Group Procurement and the Product Manager to manage the relationship with key cloud security vendors
    Work with entities to enhance existing cloud solutions or create new cloud security solutions and service that will be provided by Cyber Defense  

Qualifications
Education 
    Bachelor’s degree in business, project Management, IT or a closely related subject. 
    An MSc Information Security would be desirable but is not essential
Certification
    Cloud Architecture qualification
    Cloud Security qualifications
Overall work experience in the field
    Experience in Information Security discipline(s) > 10 years
    Experience in technical Information Security solution design > 10 years
    Hands on experience in a range of technologies e.g., Cloud, SOC, SIEM, IAM, IPS/IDS, WAF, HIPS, firewalls, PUAM, Microsoft 365, Unix, Azure, Amazon Web Services, Forensics, etc. > 5 years
Skills / abilities
    Ability to function effectively in a matrix structure
    Operate comfortably at management level
    Strong facilitation, negotiation, and conflict resolution skills
    Strong networking skills
    Team player
    Apply analytical rigor to understand complex business scenarios
    Fluent in English

As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working with 105 million customers, we’ve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we’re nurturing a culture of
respect, for each other, for our customers and the communities around us. Join AXA and you’ll feel like you belong, are included and can thrive. You’ll be able to shape the way you work and truly grow your potential as you seek out new opportunities, push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.