Job Description - Senior Security Consultant, Information Security
Job Number: 16001231D20230530
Location: Onshore (UK) 2 days on site in Ipswich
The role will be to augment the Information Security team to act as a SME and key stakeholder on several high-profile programs as well as AXA XL sub-entities. You will provide dedicated support and security related technical expertise to your respective Business Partners to enable the business to deliver safe and secure services.
The role will involve working with key stakeholders and product owners to understand and guide future program/product plans and security transformation in digital, as well as to perform risk assessments of current product increments, provide guidance and acquire outcomes/decisions from project managers, enterprise architect, technical architect, solutions architect, data privacy officer, portfolio management office, strategic change development, IT Infrastructure and Operations, and penetration testers. The role is transversal, and this may mean supervising different business units within AXA XL and those operated at arms-length in a security capacity. Ultimately, this role entails managing relationships, ensuring business partners are kept up to date with security initiatives, whilst supporting them to implement good security. Initiatives can vary from business-focused changes to technical security implementations.
Responsibilities:
1. Partnering with business units (AXA Climate, Digital Commercial Platform, Angel Risk Management, Global AG, Brooklyn Underwriting, Innovation and Data Analytics, AXA XL Re-Insurance and others) to ensure security is managed effectively and acting as the primary contact point within security.
2. Establish governance structure to support these activities.
3. Raise awareness of all security activities with understanding of risk impact and reporting.
4. Providing Information Security consultancy including advice for projects, solution design, small changes, audit/assurance, and application of security policy, standards, regulation, and good practice.
5. Ensure security service review meetings with stakeholders take place as needed.
6. Facilitating consumption of security services.
7. Supporting the assessment and interpretation of risk, recommending risk treatment options, tracking, and supporting remediation or acceptance.
8. Develop and maintain relationships with key stakeholders and product owners to proactively engage and understand future product roadmaps and ensure security requirements are considered.
9. Review of in-scope project security requirements and evidence provided by the project manager or scrum master to support closure of Secure Project Lifecycle processes where business units require support.
10. Liaise between business units to support development of Risk Acknowledgement and Mitigation Plans (RAMPs).
11. Support the Head of Information Security Services and Risk Management in dealing with complex, time-dependent activities as necessary.
Qualifications:
1. Bachelor’s degree in computer science, Engineering, or related field with several years of professional experience.
2. Excellent knowledge of working within an Agile Framework such as SAFe.
3. Knowledge of working in a DevSecOps environment.
4. An understanding of performing project risk assessments.
5. Experience in performing Information Security technical risk assessments.
6. Proficient in information security risk and governance frameworks (ISO 27005, EBIOS).
7. Ability to effectively communicate and positively influence diverse stakeholders and team members.
8. Excellent attention to detail and the ability to create clear, concise, and engaging presentations.
9. Information Security and/or Information Technology industry certification (CISSP, CISM, CRISC, GIAC, CISSP or equivalent).
10. Experience in articulating IS risks in business language and advising on the appropriate risk management action.
AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic.
#J-18808-Ljbffr