Job
Description
Principal Technical Security Expert - Applications and Development Wroclaw, Poland AXA XL has an exciting opportunity for a Principal Technical Security Expert, who will be responsible for embedding security (people, processes, and technology) within AXA XL’s application and development teams. You will be required to work with projects and operational teams to develop an appropriate security strategy, architecture and practices that will be embedded into our cloud and identity solutions, securing appropriately our IT platforms and solutions. What You’ll Be DOING The successful candidate will have a track record associated with technical security consulting / security architecture with knowledge of secure application development and testing. What will your essential responsibilities include? Provide thought leadership across Group Technology regarding the design and implementation of secure development techniques and testing mechanisms Manage and influence key stakeholders (capability owners) to provide input and support initiatives related to application development and testing improvements and enhancements Drive the development and enhancement of the secure development across the AXA XL IT estate Make the application testing status quo difficult to enable the application lifecycle to be secure but also meet the needs of the business. Take input from key stakeholder to develop and maintain the secure development and testing roadmap Be the global security expert / owner, for large-scale complex projects that are related to the development of new applications Managing the input from multiple architectures, engineers, and operations personnel to secure development and testing artefacts Drive the development of the security control environment for the AXA XL secure development and testing utilized by AXA XL Lead the security remediation projects technically related to the application development and testing Represent AXA XL to other AXA Group and other entities in the field of application development and testing Be able to demonstrate how proposed designs comply to AXA XL security policies and AXA Group Security standards Responsible for taking security architecture designs through AXA XL’s governance processes Development and continuous evolution of our security target architecture and roadmaps based on sound enterprise architecture practices Working with Global Technology, Information Security, Data Protection Office and IRM teams to align the cloud and identity security control environment Work with Project Managers and other stake holders to produce agreed sets of deliverables, work to project plans and report progress. Provide input to planning, forecasting process and RAID logs where required. Review security technologies, tools, and services, and make recommendations to the broader security and development teams for their use, based on security, financial, and operational metrics You will report within the AXA XL Cyber Defense Team, that is part of the AXA XL IT team. What You Will BRING We’re looking for someone who has these abilities and skills: Previous experience in either application development or application security testing Experience embedding security into development pipelines Experience of creating secure development process and governance; implemting those structures within development pipelines to secure the design, coding and testing of applications Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies Experience with developing security architecture within frameworks such as SABSA Understanding of threat landscapes and threat modeling, security threat and vulnerability management, and security monitoring Awareness of tools and techniques used by attackers to compromise applications, including common application and the flaws and vulnerabilities that make them insecure Experience working in a consulting (internal or external) type of role Working knowledge of design principles relating to DLP, IDS/ IPS, Firewalls, Proxies, Identity Access Management, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management. Experience in working with the Solutions and Technical Architects to ensure solutions designs include the appropriate security guardrails to reduce risk and protect sensitive internal and external client information. Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences Experience in taking ownership of tasks and demonstrate high degree of automony to ensure completion Personable and foster good stakeholder and peer group working relationships Experience in driving and supporting RFP/RFIs & SOWs, including managing suppliers Recognised Cyber Security certifications, such as CISSP, CIISEC (member of fellow), CISM, SANS, SABSA, OSCP are advantageous Who WE Are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty. With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com What We OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and enables business growth and is critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most inclusive workforce possible, and create a culture where everyone can bring their full selves to work and reach their highest potential. It’s about helping one another — and our business — to move forward and succeed. Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe. Robust support for Flexible Working Arrangements Enhanced family-friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer. Total Rewards AXA XL’s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security. It provides competitive compensation and personalized, inclusive benefits that evolve as you do. We’re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence. Sustainability At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations. Our Pillars Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future. We’re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans. Addressing climate change: The effects of a changing climate are far-reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions. Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting. AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving. For more information, please see axaxl.com/sustainability. AXA XL is an Equal Opportunity Employer. Show more Show less
