IT Security - Continuous Improvement Manager (Fixed-term contract, 20 months)

Wrocław, Poland

We invent the new to help the world move forward. Combining powerful analytics and deeper insights with bigger ideas and innovative solutions, we free up our clients’ potential, thereby fulfilling our own. Take it seriously. Make it fun. Know it matters.

AXA XL’s IT Security team’s role is to bridge the gap between Security policy and practical IT implementation.

The main purpose of the Continuous Improvement Manager is to coordinate improvement and remediation plans of IT teams pertaining to Security controls.

The role offers exposure to a variety of security domains and requires a combination of organisational & documentation skills, analysis and problem solving, relationship building & communication. While Security acumen will be helpful, deep expertise of the candidate to that role is not essential, as SMEs in that domain are accessible in the team.

Key relationships will include: Internal Audit, IT Risk & Governance, Information Security Assurance, Global Technology Leadership & teams, Head of IT Security, Head of Security Product Management, Security Project Portfolio.

What You’ll Be Doing

• Tracking of formally defined remediation plans to resolution
• Be the central coordination point across GT for IT Security action plans resulting from Audit, Risk Second Opinion, Information Security Assurance findings.
• Track status, make sure adherence to deadlines and elevate delays early
• Partner with IT Risk & Governance and Information Security Assurance to make sure clarity & collaboration throughout the process.
• Support the relevant IT teams in the creation and review of appropriate closure documents
• Root cause analysis and joint problem solving
• For selected new issues & improvement points – originating either from formal or informal source, coordinate the root cause analysis & remediation planning across the organisation.
• Facilitate workshops and meetings
• Foster collaborative culture and XL’s strategic behaviours: Start with the Client, Own IT, Solve IT Together & Actually Make IT Better
• Document findings
• Ensure hand‑off of the defined plan to appropriate owner
• Build trust‑based relationships with members of the Global Technology & Security teams
• Support and improve IT Security Governance Forums
• Coordinate agenda definition & materials gathering for selected regular governance forums & working groups, ensuring materials are ready in time and of good quality
• Work with IT Security team leadership to make sure the working groups and governance meetings play a constructive role in the continuous improvement of IT Security in XL
• Support relevant IT & Security teams in definition and clear reporting of security control metrics which help drive the right improvement decisions & allow early detection of issues
• Act as Risk Champion for the IT Security team
• Be the dedicated point of contact for IT Risk management in the IT Security function
• Educate the IT Security team on the IT Risk Management Framework and assist colleagues to apply it correctly to identify, assess, manage, monitor, and report all risk events
• Make sure appropriate IT Security Risk Events are recorded and documented and provide meaningful leadership updates on those risks when necessary.

You will report to Head of Security Product Management.

What You Will Bring

Required Skills And Abilities

• Business analysis: ability to listen, ask the right questions, draw critical conclusions from data and search for options across people, process and technology
• Communication: comfortable in shifting between conversations with low‑level technical SMEs and leadership level updates
• Technical acumen & curiosity: ability to confidently relate technical context shared by SMEs to business & security outcomes; willingness to expand your technical & security understanding
• Ability to organise your own and others’ work – efficient & clear tracking of progress, realistic planning
• Documentation management ability to adhere to and improve a standard of documentation to make sure they are clear, professional, traceable to decisions and support your role’s objectives
• Has significant working experience in a highly technical environment in roles such as business analyst, project manager (i.e. integration, DevOps, IT Infrastructure projects) OR in an audit/ security role pertaining to technology
• Proven experience in driving change and problem‑solving across teams & departments
• Experience in leading and tracking progress on a portfolio of concurrent activities that requires adherence to a strict timeline and support of multiple people outside of your own team
• Exposure to & understanding of the concept of risk and risk frameworks in prior roles – at minimum in the form of tracking & managing project‑related risks
• (Beneficial, not mandatory) Experience in financial industry and working understanding of the regulations that an insurance or other regulated company is subject to (i.e. DORA, CFIUS, GDPR, SHREMS II …)

Qualifications (desirable, Not Mandatory)

• Relevant risk or security qualifications
• Project management qualifications
• Business analysis qualifications
• Exposure to & understanding of IT Security controls in prior roles
• Experience developing and measuring control effectiveness

Who WE are

AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid‑size companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it.

How? By combining a comprehensive and efficient capital platform, data‑driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business – property, casualty, professional, financial lines and specialty.

With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.

Learn more at axaxl.com

Inclusion

AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and enables business growth and is critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most inclusive workforce possible, and create a culture where everyone can bring their full selves to work and reach their highest potential. It’s about helping one another — and our business — to move forward and succeed.

• Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe.
• Robust support for Flexible Working Arrangements
• Enhanced family‑friendly leave benefits
• Named to the Diversity Best Practices Index
• Signatory to the UK Women in Finance Charter