AXA XL is an Equal Opportunity Employer and does not discriminate against any colleague or applicant for employment on the basis of race, color, national origin, religion, sex, gender identity and/or expression, sexual orientation, age, disability, genetic information, veteran status, military status or any other category protected by local law.

SHARE your talent

We’re looking for someone who has these abilities and skills:

Microsoft security operations certifications.
Security incident detection and response certification would be desirable.
Good knowledge of the principles relating to DLP, IDS/IPS, Firewalls, Proxies, Identity Access Management, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management, etc.
Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies.
Understanding of threat landscapes and threat modelling, security threat and vulnerability management, and security monitoring.
Awareness of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities.
Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences.
Must take ownership of tasks and demonstrate a high degree of autonomy to ensure completion.
Must be personable and foster good stakeholder and peer group working relationships.

FIND your future

AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty.
With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com

Inclusion & Diversity

AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed.

Five Business Resource Groups focused on gender, LGBTQ, ethnicity and origins, disability and inclusion with 20 Chapters around the globe
Robust support for Flexible Working Arrangements
Enhanced family friendly leave benefits
Named to the Diversity Best Practices Index
Signatory to the UK Women in Finance Charter

Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer.

Sustainability

At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations.

Our Pillars:

Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society – are essential to our future.
We’re committed to protecting and restoring nature – from mangrove forests to the bees in our backyard – by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans.

Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions.

Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting.

AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day – the Global Day of Giving.

For more information, please see axaxl.com/sustainability.

Threat Hunter Ipswich UK

AXA XL has an exciting opportunity for an experienced Security professional to join our Information Security and Advanced Threat Management team. The successful candidate will be providing incident response, threat hunting, malware analysis, vulnerability assessment and cyber threat intelligence. You will have a history of successfully managing complex high severity cyber security incidents and threats across multiple domains such as infrastructure, application, cloud, database. You will have a proactive and inquisitive mindset and have the ability to analyse event data from various data sources.
DISCOVER your opportunity

What will your essential responsibilities include?

Proactively prevent, detect and respond to Threat Intelligence to reduce cyber risk at AXA XL.
Work with our managed SOC vendor and other internal teams for identifying and deploying defenses against advanced threats.
Identify new and dynamic ways to protect AXA XL against the evolving threat landscape.
Analyse event data from various data sources: End Point, Cloud Based, Network.
Apply knowledge of current and past malware methods, attack methodologies, and TTPs (Tactics, Techniques, Procedures) to discover anomalies and trends within data.
Understand the Threat Hunting Maturity Model and Threat Hunt Process and apply the MITRE Attack Framework during investigations.
Conduct research using open and closed source intelligence sources.
Lead in the capture of attacker techniques, indicators of compromise and objectives, and use the captured information to improve defenses through recommendations for the creation of detection logic.
Lead investigations using multiple data/intelligence sources and tools to track down and detect cyber threat actors and activity that may have breached our defenses.
Search for security gaps by performing risk assessment, penetration testing, and identifying internal risks.
Demonstrate technical security expertise in the security incident detection and response and offensive security field.
Manage the response to complex and high severity security incidents.
Responsible for taking decisions and identifying required actions.
During high severity security incidents, you will help advise the AXA XL CSO on appropriate containment, eradication, and remediation measures.
Planning and remediating complex cyber security threats and incidents across the AXA XL IT estate without supervision.
Drive the development of the SIEM security control environment.
Represent AXA XL to AXA Group and other AXA organizations in the field of threat hunting.
Understand and demonstrate the basic principles of digital forensics as it relates to incident detection and response.
Develop SOC security incident policies and investigation procedures, for use across multiple information systems and teams, without supervision.
Analyze, define, and manage the delivery of new SIEM rules through our managed security service provider.
Create new custom detection rules using KQL.
Work with the managed SOC vendor to tune existing rules.
Produce incident reports and post incident improvement assessments.
Produce reports for the CSO.

You will report within the Information Security Advisory and Advance Threat Management Team.