Head of Security

Key Responsibilities

• Collaborate with and support Group Security and other stakeholders as necessary to ensure that security (Information Security, Operational Resilience and Physical Security) within the local entity is relevant, cost-effective and is delivered in accordance with the Group Security Strategy
• Serve as an expert advisor to the entity leadership team in the implementation and maintenance of security
• Ensure local compliance with the security standards, instructions and strategic initiatives
• Adapts the global security strategy to the entity (taking into consideration the local regulation and specificities), defines the concrete actions leading to its execution and monitors achievement
• Ensure the achievement of the security targets in the entity, as set by Group Security
• Identify and analyze security risks, recommend appropriate mitigation options and document all components in clear, business-intelligible language
• Maintain an understanding of emerging technology, risks and industry trends. Assess the impact on the business environment and recommend appropriate mitigation actions or the prioritization of projects and investments
• Escalate the need to redirect investment or change practices to mitigate critical risks and ensure legal, regulatory or commercial compliance
• Implement continuous improvement processes and activities (e.g. good practices, reporting, problem resolution) to ensure quality and relevance of security services
• Monitor and maintain system confidentiality, integrity and availability and manage security incidents (analysis, tracking and communications)
• Undertakes assurance to validate the effectiveness of the local security activities and controls
• Promote a culture of security and raise awareness
• Oversee the execution of security projects
• Ensure development and maintenance of auditable processes to enforce consistency within the local entity
• Identify and implement coordinated responses to security audit and compliance issues
• Develop, track and control the local security budgets (required to invest, build and run security) in agreement with the CXO and the Corporate CSO

Qualification & Requirements

• A university degree in security and related fields (risks management, audit, international relations, information security…)
• A post-graduate degree in security or general management (such as an MBA) is an advantage but not essential

List of preferred certifications

• Information Security and /or Information Technology industry certification (CISSP-ISSAP, CISM, ISO 27001 Lead Auditor, GIAC or equivalent)
• Business Continuity Industry certification (MBCI, DRII…)
• Physical security / Health and Safety certification (CPP, PSP, BTEC, IOSH…)

Overall work experience in the field

• Experience in security, risks management, audit or related area: 7 to 10 years
• Leadership/ management experience: 5 to 7 years
• Previous experience managing a remote/international team preferred
• Previous experience as interim or acting Chief Information Security Officer, Physical Security Officer, Operational Resilience
• Officer, Business Continuity Officer or extensive experience reporting to a CEO, CIO, Chief Audit Officer, Chief Risk Officer or other senior executive in an international organization

Benefits

At AXA, we care for you.

This is why we have implemented a global program providing our employees with a wide range of support across different stages of their lifes and during moments that matter the most to them.

At AXA our Benefits form a significant part of our overall employee experience.
We combine financial and non-financial rewards, including fixed compensation, variable compensation, local and global benefits

Our objective is to provide to all our employees a competitive and comprehensive supplementary benefits package; competitive with market, fair and inclusive to engage our employees

Our Benefits can either supplement coverages provided by the national systems or be the primary source of benefits in some countries. Our approach is therefore country-driven since benefit plans can vary significantly between countries.

We promote flexible schemes which allow our employees to choose the set of benefits they perceive as high value. Our Sustainability strategy is also reflected by providing access to responsible investment solutions.