SHARE your talent We are looking for someone who possesses the following abilities and skills: Technical: o Ability to assess and provide assurance over a broad technology landscape and what it may look like in the future. o technical awareness of security concerns and focus areas when reviewing design documentation. o Experience in penetration testing or offensive security roles. o Ability to translate technical issues to business risks. Problem solving: o Ability to recommend solutions relevant to the complexity, scope, risk, and magnitude of problems impacting the service level. Management: o Excellent communication skills with the ability to work effectively with senior management and explain complex matters succinctly and in plain language. o Ability to take calculated risks in decision-making and seek inputs from the team/stakeholders. o Ability to create mechanisms to recognize individual/group contribution and achievements. o Ability to mentor other team members or service providers. Decision making: o Ability to advise on decisions regarding strategy, policy, and structures. o Ability to assimilate and integrate new information for informed decision making. o Ability to monitor changes in the operating environment and act upon potential opportunities. o Ability to weigh things up quickly and take the initiative within limits of authority. Interpersonal skills: o Ability to demonstrate assertiveness and empathy. o Excellent oral communication and persuasive skills. Qualifications / Experience - Must Have: o bachelor’s degree in information security, computer science, or equivalent. o Professional certification in Information Security (e.g., CISSP, CISM, CISA, ISO 27001 Lead Auditor, etc.). Qualifications / Experience - Useful: o Experience conducting need-based audits to assess the effectiveness of Information Security controls. o Experience conducting assessments based on information risk and security requirements. o Knowledge and experience with security frameworks (NIST, ISO, CIS 20, MITRE). o Audit or control experience (SOX, internal audit, external audit, CISA). o Passionate about information risk and security. o Interest in financial services industry. Qualifications / Experience - Optional: o Experience in AXA Group environment. FIND your future AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty. With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com Inclusion & Diversity AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed. Five Business Resource Groups focused on gender, LGBTQ, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer. Sustainability At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations. Our Pillars: Valuing nature\: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society – are essential to our future. We’re committed to protecting and restoring nature – from mangrove forests to the bees in our backyard – by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans. Addressing climate change\: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions. Integrating ESG\: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting. AXA Hearts in Action \: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day – the Global Day of Giving. For more information, please see axaxl.com/sustainability AXA XL is an Equal Opportunity Employer and does not discriminate against any colleague or applicant for employment on the basis of race, color, national origin, religion, sex, gender identity and/or expression, sexual orientation, age, disability, genetic information, veteran status, military status or any other category protected by local law. Information Security Assessor London, UK or Paris, France As an information security assessor, your responsibilities will include ensuring the effectiveness of Information Security controls throughout AXA XL, aligning with AXA XL assurance methodologies and frameworks. You will lead end-to-end assurance engagements, contribute to scoping and scheduling business engagements, and maintain the quality of assurance testing services delivered by both internal teams and vendors. DISCOVER your opportunity Providing assurance over the effectiveness of Information Security controls across AXA XL entities and building the consolidated picture to AXA XL executive management, also supporting findings resolution or escalation. Expanding the area of expertise and assurance methodologies and contributing to the definition of the AXA XL Security assurance test strategy and approach to ensure AXA XL goals are tracked and met. Conducting need-based audits to assess the effectiveness of Information Security controls. Conducting assessments based on information risk and security requirements. Contributing to the scoping and scheduling of engagements with the business and managing any issues or conflicts. Conducting assurance engagements end-to-end. Contributing to assuring the quality of the assurance testing services provided by vendors or internal teams. You will report to the Head of Information Security Assurance.