Chief Security Officer

Description:

The Chief Security Officer is a critical position within AXA Partners organisation to ensure that we progressively create an environment that fosters a culture of securing our information assets, takes informed decisions on managing cyber and resiliency risk, and protects our clients, partners and employees.

The role holder will oversee all security matters, from IT security to operational resilience and physical security for the worldwide AXA Partners Group (34 countries, 9,500 FTE).

The role reports to the AXA Partners Global CRO (AXA Partners ExCom member).

What You’ll Be Doing

Your main missions will be to:
 

• Define and implement the AXA Partners
  • Security strategy aligned with AXA Group and Axa Partners strategic objectives
  • Security model based on the Group Security Operating model
• Collaborate with and support Group Security and other stakeholders as necessary to ensure that security (Information Security, Operational Resilience and Physical Security) within the AXA Partners is relevant,cost-effective and is delivered in accordance with the Group Security Strategy
• Serve as an expert advisor to senior management of AXA Partners in the implementation and maintenance of security
• Ensure local compliance with the security standards, instructions and strategic initiatives
• Ensure local legal, regulatory and commercial compliance pertaining to Security
• Supervise the global security strategy to the entity (taking into consideration the local regulation and specificities),
• Define the concrete actions related to the security strategy execution, and monitors achievement
• Ensure the achievement of the security targets in the entity, as set by Group Security
• Identify and assess security threats and risks, recommend appropriate mitigation options and document all components in clear, business-intelligible language
• Maintain an understanding of emerging technology, risks and industry trends. Assess the impact on the business environment and recommend appropriate mitigation actions or the prioritization of projects and investments
• Escalate the need to redirect investment or change practices to mitigate critical risks and ensure legal, regulatory or compliance
• Implement continuous improvement processes and activities (e.g. good practices, reporting, problem resolution) to ensure quality and relevance of security services
• Monitor and maintain system confidentiality, integrity and availability and manage security incidents (analysis, tracking and communications)
• Undertakes assurance to validate the effectiveness of the local security activities and controls
• Promote a culture of security and raise awareness
• Oversee the execution of security projects
• Ensure development and maintenance of auditable processes to enforce consistency within the local entity
• Identify and implement coordinated responses to security audit and compliance issues
• Develop, track and control the local security budgets (required to invest, build and run security) in agreement with the CRO and the Corporate CSO

What You’ll Bring

Education & certification
 

• A degree in information security, computer science, information management systems, Business, Accounting or related field
• A post-graduate degree in security or general management (such as an MBA)
   

Certification
 

• Information Security and /or Information Technology industry certification (CISSPor CISM, or GIAC or equivalent) is mandatory
• Business Continuity Industry certification (MBCI, DRII…) is an advantage but not essential
• Physical security certification (CPP, PSP, BTEC…) is an advantage but not essential
   

Overall Work Experience In The Field
 

• Experience in security, IT audit or related area: 15-20 years
• Leadership/ management experience: 5 years
• Previous experience managing a remote/international team
• Previous experience as Chief Information Security Officer or Head of Information Security, or extensive experience reporting to a CEO, CIO, Chief Audit Officer, Chief Risk Officer or other senior executive in an international organization
   

Skills / Abilities
 

• Ability to effectively communicate and negotiate a decentralized and political corporate environment
• Rigor, organization and ability to work and make decision under pressure
• Strong resilience
• Strong networking and interpersonal skills such as Assertiveness, empathy, listening oriented
• Team player
• Ability to apply analytical rigour to understand complex business scenarios
• Fluent in English