Job Description:

WHAT YOU’LL BRING

We’re looking for someone who has these abilities and skills:

REQUIRED SKILLS AND ABILITIES:

• Hold an active ISC2 CISSP or ISACA CISM certification (Required)
• A good understand of Cloud technologies (Preferred).
• Effective English written and verbal skills mandatory
• Proficient in writing security policies and security standards (Required)
• Expert analytical and reporting skills (Required)
• Expert in Microsoft Office (Word, Excel, PowerPoint, SharePoint) (Required)
• Ability to effectively communicate and positively influence diverse stakeholders and team members (Required)
• Excellent attention to detail and the ability to create clear, concise and engaging presentations (Required)

DESIRED SKILLS AND ABILITIES:

• Experience in global companies (Preferred)
• Experience in information security management reporting and related methodologies (Preferred)
• Experience in implementing ISO 27001/NIST/CSA (Preferred)
• Knowledge of Information Security and Information Technology in relation to application of Policies (Preferred)

WHO WE ARE

AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it.
How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty.
With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.
Learn more at axaxl.com

What will your essential responsibilities include?

The specialist will work under the responsibility of The Head of IS Services & Risk Management and will report to the Security Policy & Standards Lead. The responsibilities will include the following:

• You must have a established IT background and good understanding of IT and Security technologies
• Translating technical jargon and complex IT risks into business language is a must
• Maintaining the ISP and Standards, ensuring proposed changes are evaluated, writing additional Standards and Guidelines
• Capture updates from both AXA Group and AXA XL stakeholders
• Participate in the AXA Group Policy Working Group (PWG), make suggestions and provide feedback on proposed changes. Perform gap analysis of changes against AXA XL ISP and Standards, highlight differences and discuss with stakeholders to see what effort would be required to comply, if this is to be a BAU activity or project
• Prepare and present new and existing security policies and standards requiring change to the Information Security Steering Committee (ISSC) for discussion, answering questions and seeking approval
• Present Information Security Policy and Security Standards updates to the Security Committee (SecCom) including C-level participants.
• Maintain and improve the Policy and Standards Tracker, ensuring all changes are accurately recorded
• Provide formal feedback to AXA Group Security on changes agreed or rejected by AXA XL
• Ensure all IS documentation is reviewed at least annually, recording approved updates
• Use diverse sources to monitor emerging threats and technologies, perform gap analysis against the existing ISP and Standards and produce recommended updates for the ISSC to review
• Promote use of the ISP and Standards across AXA XL by collaborating with Internal Communications and other team leads as required
• Provide guidance in response to questions on ISP and Standards requirements
• Maintain and update the Policies and Standards page of the IS SharePoint site