Become Security Officer (M/F) at AXA Luxembourg

Roles & responsabilities

As Security Officer, you are passionate about information security. You will be responsible for the implementation and coordination of security initiatives. You are mainly able to deal with technical activities but you are polyvalent enough to support the necessary formalization required by Security Governance (Processes, Procedures, Documentation). You will work in a team of 2, reporting directly to the Chief Information Security Officer and therefore you have a hands-on attitude. Your daily activities are:
• Lead Information Security Management System (ISMS) implementation, risk assessment and Business Continuity plan based on the ISO/IEC 27000 series standards and NIST directive ;
• Implement technical solutions and processes according to the Security Roadmap defined with our Group Security Team.
• Perform audits to validate completeness and accuracy of the information security program ;
• Develop remediation and corrective action plans with related governance and operational functions throughout customer organization ;
• Author and revise information security policies, standards, procedures and guidelines ;
• Manage security projects with external partners
• Define and review security architecture for new applications or infrastructure projects
• Manage day to day security requests and incidents; liaise with local cert (CIRCL)
• Handle client request and/or respond to emerging needs ;
• Conduct compliance monitoring and improvement activities to ensure compliance with internal security policies and applicable laws, regulations and standards ;
• Develop supporting information security awareness, training and educational material ;
• Prepare communication documents and reporting for the local Chief Information Security Officer or Group Security Team

Your profile

Work Experience
• 5 years of experience in Information Security, Cyber security & Data Protection, preferably in the financial sector or in the IT Security Services industry.
• Effective experience in the set-up of Information Security solutions, standards, processes and procedures.
• Experience in defining Information Security Controls and Countermeasures, and methods of analysing their effectiveness.
• Knowledge of Business Continuity Management & Enterprise Risk Management.
• Knowledge of regulatory requirements and their potential business impact from an information security standpoint e.g. GDPR, NIS, OWASP, COBiT, NEN7510, Sarbanes-Oxley, …
• A sound knowledge of ISO 27001/ISO 27002/ISO 27005.

Education & Certification
• Graduate with a degree in IT. A post-graduate degree in Information Security is preferred.
• Certified in CISM, CISA or CISSP is an asset
Technical Skills
• Good understanding of security related technology such as firewalls, WAF’s, IDS/IPS systems, SIEM systems, IAM, etc.
• Relevant experience with the implementation or management in one of these domains is a plus.
• Knowledge of common market security solutions like Active Directory, Varonis, Qualys, Languard, Nessus, etc
• Knowledge of Penetration Testing frameworks
• Development skills in Python and Powershell would be a real asset
• Knowledge of Project Management

Skills & Abilities
• Fluent in French and English
• Good management, presentation and communication skills.
• Autonomous, self-organized, able to meet challenging deadlines
• Ability to function effectively in a matrix structure
• Team player

Interested ?

If you are interested in this position and meet the job requirements, please send your resume and cover letter to our Human Resources Department: jobs@axa.lu