Les 25 meilleures formations RSE : notre sélection
As Chief Security Officer, you will be in charge to define, challenge and execute AXA Climate global security policies both in accordance with AXA Group Security Strategy and AXA Climate business needs and particularities: Axa Climate is obviously part of Axa Group but is independent in terms of IT and offices.
You will be in charge to manage the security team to cover all aspects of security: information risk management, cybersecurity, information security control, monitoring, information privacy, operations, identity access management, security architecture. You will have to onboard and structure the businesses on these topics and globally raise the awareness of all collaborators on these issues.
At the crossroads of many stakeholders - the businesses, the IT Team, the Tech Team, the CEO, you will:
Implement security strategies, policies, shared security services and action plans based on the Group Security Strategy.
Collaborate with AXA Group Security Practices and all AXA Climate stakeholders to ensure that security within AXA Climate is relevant, cost-effective and is delivered in accordance with the Group Security Strategy.
Identify and analyze risks, recommend appropriate mitigation options and document all components in clear, business-intelligible language.
Report to AXA Group according to their security monitoring framework.
Identify and implement coordinated responses to security audit and compliance issues.
Serve as an expert advisor in the implementation and maintenance of security.
Monitor system confidentiality, integrity and availability and manage information security incidents.
Monitor and control Operational Resilience risks and security measures (risk assessment, BCP controls, crisis management process and reporting controls)
Monitor and control Physical Security risks and security measures (risk assessment, policies design and controls, traveler security monitoring)
Maintain an understanding of emerging technology, risks and industry trends. Assess the impact on the business environment and recommend appropriate mitigation actions or the prioritization of projects and investments.
Manage the information security budget, staffing and operations.
Promote a culture of security and raise awareness.
