Cyber Security Internal Audit Manager – (M/F)

Cyber Security Internal Audit Manager – (M/F) (240004C5)

Primary Location

: FRANCE-75-PARIS-PARIS

Organization

: GIE AXA

Contract Type

: Regular

Shift

: Day Job

Schedule

: Full-time 

Description

Whatever their stage of life, we provide over 108 million customers with the products and services they need to progress. From insurance to personal protection, and savings to wealth management, no matter the need we’re always there for them. And we’re always there for our employees. In 50 countries, we work hard to inspire pride and a sense of belonging in our people. To provide opportunities that challenge them, inspire them, and reward them. And to create a culture that’s open, supportive, and empowering. Because we know that’s the real secret to success – and the best way for us to keep building a better world for both our customers and the talented people who put them first.

Your work environment

The headquarters of the AXA Group (GIE AXA) brings together our corporate activities. It provides guidance and support to subsidiaries around the world, to ensure the coordination and monitoring of the Group’s global strategy, the application of its standards, the consistency of commercial approaches and the sharing of best practices. The headquarters gathers approximately 1000 employees and is distinguished by its strong international culture (45 nationalities), which makes it a rich and stimulating place to work.

Job purpose

To lead and perform independent security reviews of IT systems and environments, projects and processes implemented or planned across the various Group entities.

Dimension

• Lead or support up to 8 Internal Audit engagements each year across the entire AXA Group
• Lead IT transversal audits (i.e. global audits impacting all Group entities)
• Share expertise and experience with the AXA Global IT Audit community by developing and maintaining IT Security Audit workprogram and tools (Global Subject Matter Referent for databases)
• Management & development of junior security auditors.

Context & major challenges

• Transversal audits have major impacts on AXA governance and processes, both at Group and entity levels.
• Numerous information security related issues already open and requiring to be followed-up with operational stakeholders. Topic is in the agenda of AXA top management.
• All activities performed in compliance with international auditing and AXA standards, being tightly reviewed during external Quality Assessments and the French regulator (ACPR).
• Flexibility needed to manage schedules with Internal Audit teams across the Group due to the fact that the Central audit team is used as a hub of expertise

Key accountabilities

Audit delivery

• Lead the definition, the planning, the organization, the management and the realization of reasonably complex IT security audit assignments.
• Manage local auditors, or transversal audit teams across regions (transversal audits)
• Accountable for the reporting of findings and formalization of added value recommendations.

Issues follow-up

• Accountable for the follow-up of past recommendations.
• Act as a sparring partner with issues owner to help remediate risks using a risk-based approach.

Stakeholders management

• Represent Internal Audit on audit debriefing to Senior Management.
• Act as a sparring partner with stakeholders on a day to day basis (Audit coordinator role for Group Operations BUs and Corporate Center entities).

Team management

• Management, training & development of a team of junior auditors

Contribute to Internal Audit Community

• Lead or contribute to the development and the maintenance of IT security audit workprograms and tools.
• Lead or contribute to internal projects aiming to benefit to the global pool of IT auditors.
• Share expertise and experience with the IT Global Audit community.

Qualifications

• Proven very strong expertise in one or several of the following domains is required: information security (including penetration testing), source code review, infrastructure & application & database & network security audits.
• Knowledge of standard IT & security audit methodologies, frameworks and tools is a clear plus.
• Inquiring and analytical mindset. Rigorous with strong perseverance skills.
• Ability to anticipate risks and to take initiatives. Can handle unforeseen changes.
• Demonstrates capacities to convince his/her interlocutors, including in contexts of conflict and complex situations.
• Good organizational and time management skills. High level of autonomy.
• Open-minded and dynamic, ability to work within a multicultural team
• Keen to proactively play an active and constructive role in the global IT Audit function.
• Produce quality reports requiring limited review workload from management.
• Engineer, min. 6 years of IT security audit experience or min. 9 years of security operational experience.
• Be passionate of technology and information security (e.g. know how to search for IT related knowledge, attend to information security conferences, follow information security news, ..)
• Have strong IT skills, including at least one programming language and good knowledge of operating systems (e.g. Windows, Linux), databases and network architecture and security principles.
• Previous experience of IT security audit gained while working in an audit firm would be a clear plus.
• Professional certifications like CISA, CISM, CISSP, OSCP, CGEIT, CRISC and GSNA is a plus.

About AXA Why AXA ? Every day, we work together for human progress by protecting what matters. A mission that puts a smile on your face and makes you want to get up in the morning !

One of the world’s leading insurers in the protection of property, people and assets, AXA is 145,000 employees and contributors who are committed to our customers on a daily basis, 51 countries in which we distribute our products and services and more than 90 million customers who place their trust in us worldwide. As a responsible corporate citizen, AXA is committed to social and environmental causes on a daily basis. We are committed to an inclusive policy that recognizes and values individual differences. Do these ambitions speak to you ? Then come and change the world with us !

The headquarters of the AXA Group is based in Paris – La Défense (Majunga Tower) and brings together the Group’s corporate activities. It is distinguished by its strong international culture.

What We Offer You will join:

• A responsible company, towards people, including its employees and customers, and towards the planet
• A company with strong values
• A company promoting internal mobility and the training of its employees
• A company offering many benefits (learn more here: Reward & Benefits vacanciesin.eu AXA Group)
• A flexible company, allowing hybrid work, in the office and from home.

The information provided by applicants will be treated as strictly confidential and used for recruitment purposes only.

Read Full Description