Lead, Information Security Engineering at AXA Mansard

Ensure that security vulnerabilities as well as incidents are managed proactively to prevent or minimize disruptions to business activities in case of possible security breaches.

Role Qualification:

Academic/Professional:

• B.Sc./MSc in Computer Science, programming, Information Security/Information Technology, Electrical/Electronic Engineering or Computer Engineering/Information Systems Management or related field
• Experience in information security, business continuity and data privacy. Experience with security testing and technology solutions.
• Recognized professional certifications such as OSCP, Certified in Secured Programming, CEH, CHFI, JPT, CAP, CCSP.

Work Experience: 3 – 5 years’ work experience

Key Responsibilities:

• Continuous Static and Dynamic application security testing.
• Report all vulnerabilities and their status to the CISO/ Head Information Security, CSO and other relevant stakeholders or as directed by the CISO and CSO.
• Have a good knowledge of business risks associated with common security vulnerabilities and be able to effectively communicate same to application developers, Infrastructure & Network Team and/or senior managers effectively.
• Collaborate with and support the Group Information Security Practice, Local CISO/Head, Information Security/CSO and other stakeholders as necessary to ensure that information security within AXA Mansard is relevant, cost-effective and is delivered in accordance with the Group Information Security Strategy.

Required Skills and Competencies

• Strong background and technical knowledge and skills in information technology, information security and cyber security with a clear understanding of security controls design and implementation and information security trends.
• A forensic approach to challenges.
• Ability to work as part of a team and build strong relationships with staff and other relevant individuals.
• Good knowledge of network security, application and database security, identity and access management.
• Knowledge of and in-depth experience with more than one major IT discipline (e.g., distributed computing, networks, financial applications design and development, IT security and business recovery.