Detection Engineering Lead

AXA XL

Detection Engineering Lead (240009DI)

Primary Location: FRANCE-75-PARIS

Organization: Group Operations

Contract Type: Regular

Schedule: Full-time

Description

JOB ENVIRONMENT

With over 102 million customers in 56 countries, AXA’s strong global franchises and three lines of expertise (Property & Casualty, Life & Savings and Asset Management) provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders.

As an integral part of AXA, at AXA Group Operations (AXA GO) we create innovative technology and data solutions to help AXA fulfil its ambition of being a customer-focused, tech-led company. AXA GO is a young and dynamic division launched in 2019 and comprises 8,000 employees across 17 countries all around the globe from Paris, France to Pune, India. We are the ones providing advice, steering technological choices and giving AXA access to innovations that will support its transformation into a customer-centric tech-led company. For this, we work in close partnership with all AXA entities. 

PRESENTATION OF THE CONTEXT AND AXA GROUP SECURITY 

Throughout AXA, the security community represents 1000 security professionals, working daily to protect our employees, customers, operations and brand. Our operating model gathers the three security disciplines: Information Security, Operational Resilience and Physical Security & Safety. Our security mission is to ensure that AXA is safe, secure and resilient.

AXA Group Security, as part of AXA GO, defines the security strategy and standards and provides assurance to the Group on the security maturity of all entities across AXA. In its role, it also supports our professional family in entities in maintaining their security posture and in responding to and coordinating responses to crises.

This is accomplished through four strategic levers:

  • Safe: It is about our people, having them ready to face security challenges, including third parties and health professionals
  • Secure: Secure the business of today and tomorrow by increasing security effectiveness with a risk-based approach for all entities
  • Resilient: Enhance anticipation, detection and reaction capabilities in case of events & Security by design
  • Simple: Simplify, converge and automate our services and activities

CYBER DEFENSE

Within Group Security, the Cyber Defense department provides the entities and markets with first line of defense services. Under Cyber Defense, the Security Operations Center (SOC) is designed to prevent, detect, and react to cyber threats.

POSITION MAIN ACTIVITIES 

The Security Operations Center (SOC) delivers the following capabilities to the AXA entities around the globe: Security Incident Detection, Threat Hunting, Security Incident Response and Threat Intelligence.

The Detection Engineering Lead is a critical role within our Global SOC, responsible for leading the development, implementation, and optimization of advanced detection capabilities. This role requires deep expertise in threat detection, security technologies, and leadership to drive the SOC’s mission of protecting the organization’s digital assets. The successful candidate will work closely with cross-functional teams, focusing on designing and implementing effective detection strategies that can anticipate and mitigate threats in a dynamic and complex global environment. Collaboration with dedicated threat hunting and incident response teams is key to ensuring seamless operations.

Key Responsibilities

  • Detection Strategy Development: Lead the creation, refinement and delivery of detection strategies that address both current and emerging threats across the global organization
  • Detection Engineering: Design, implement, and optimize detection use cases, rules, and algorithms within SIEM, EDR, and other detection platforms
  • Collaboration with Threat Intelligence Teams: Leverage actionable threat intelligence in a timely manner to design better detections and continuously improve them
  • Collaboration with Security and Detection Teams: Ensure Security Analysts have the necessary information and means to properly analyse alerts from detections delivered
  • Collaboration with Threat Hunting Teams: Partner closely with dedicated threat hunting teams to share insights and refine detection capabilities based on their findings and intelligence, ensuring that detection strategies remain proactive and responsive to emerging threats
  • Collaboration with Incident Response Teams: Work closely with incident response teams by providing them with robust detection capabilities and ensuring that the tools and techniques in place are effectively identifying and categorizing threats for timely response
  • Automation & Orchestration: Lead efforts to automate detection processes and integrate advanced detection techniques using SOAR platforms
  • Collaboration & Communication: Work closely with global SOC analysts, IT, and business units to ensure alignment of detection capabilities with business priorities and risk profiles
  • Leadership & Mentorship: Lead and mentor a team of detection engineers and experts, fostering a culture of continuous improvement and innovation
  • Metrics & Reporting: Develop and report on key performance indicators (KPIs) related to detection efficiency, effectiveness, and coverage to senior management
  • Technology Evaluation: Stay abreast of emerging technologies and trends in cybersecurity, leading the evaluation and implementation of new tools and techniques that enhance detection capabilities
  • Compliance & Best Practices: Ensure that detection strategies and operations comply with relevant regulations, standards, and b 

Scope: All AXA entities

Team structure: The Security Operations Center comprises the Security Monitoring and Detection, Security Incident Response & Forensics, Platform Management, Lifecycle & Integration and Quality Assurance teams.

Stakeholders:

  • Internal actors: Group IT and Cyber Defense teams, Group Security, Entities, Group Procurement, Group Finance, GO Markets, GO Partnership Office, Security Operations Center operational teams
  • External actors: vendors, professional bodies, industry peers

Qualifications

PROFILE, SKILLS & COMPETENCIES 

Experience

  • Experience in Information Security > 8 years
  • Experience in a similar role > 2 years

Education

  • University degree in information security or equivalent work experience

Skills and Competencies

  • Analytical Mindset: Strong analytical and problem-solving skills with the ability to think critically and identify patterns in complex datasets
  • Leadership and Teamwork: Excellent leadership abilities with a proven track record of building and developing high-performing teams
  • Communication: Strong verbal and written communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders
  • Adaptability: Ability to work in a fast-paced environment and adapt to evolving threats and technologies
  • Proactive Attitude: Strong sense of initiative, with a proactive approach to identifying and mitigating security risks
  • Global Awareness: Understanding of global cybersecurity regulations and standards, particularly in the insurance industry

About AXA

As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working with 105 million customers, we’ve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we’re nurturing a culture of respect, for each other, for our customers and the communities around us. Join AXA and you’ll feel like you belong, are included and can thrive. You’ll be able to shape the way you work and truly grow your potential as you seek out new opportunities, push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.

AXA is becoming a sustainable tech-led company and at AXA Group Operations we are one of the major catalysts for this transformation. 

We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation, driving its concrete implementation globally at speed, with a high quality of advisory and execution.

We are present across 17 countries with committed, highly qualified teams. We leverage technology, data, sourcing, security and investment allocation in a global way, but also achieve economies of scale and synergies when necessary.

At AXA Group Operations, we want to be recognized in three fields of action:

  • State-of-the-art Data Technology to drive customer experience
  • State-of-the-art Procurement & Sourcing to drive efficiency and better manage risks
  • High-Performing Global Team for stronger partnerships with AXA entities 

What We Offer 

We bring together the expertise, cultural diversity and creativity of over 8,000 employees worldwide and we’re committed to equal opportunities in all aspects of employment (gender, LGBT+, disabled persons, or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued.
