Wrocław, Wrocław, Lower Silesian Voivodeship, Polska
AXA XL Catlin Services SE
25. 12. 2024
Informacje o stanowisku
about-project :
We invent the new to help the world move forward. Combining powerful analytics and deeper insights with bigger ideas and innovative solutions, we free up our clients’ potential, thereby fulfilling our own. Take it seriously. Make it fun. Know it matters.
responsibilities :
Security Posture Management Lead is a new role in AXA XL and will be responsible for managing the team and services for various security posture management practices including:
Public Facing Posture Analysis – is a suite of tools that continually assess our public facing security posture and report on any weaknesses.
Shadow IT detection and response - is the set of products and service to detect the unauthorised use of cloud and internal shadow IT
Cloud security posture management (CSPM) - is the service to detect security posture issues with the AXA XL cloud instances.
Security asset management - is making sure the relevant security controls (such as EDR, AV etc) are deployed to the correct IT assets.
Vulnerability management services – is ensuring that the Vulnerability Management tool suite is functioning correctly.
DDoS – is ensuring that the Distributed Denial of Service systems have appropriate coverage and are functioning as expected.
This role will be responsible for the end-to-end service delivery and continuous improvement of the three areas outlined above. The responsibilities across these areas include:
Lead and manage the team (approx. 6 people) that is responsible for the delivery of the above services.
Drive and maintain the product strategy for the above services. Manage the relevant technical specialists to develop and maintain product roadmaps for the above services.
Manage IT incidents and escalations related to the delivery of the five security services.
Drive continuous improvement in the delivery of the products and services.
Work with Information Security to ensure risks are managed to an acceptable level.
Define, measure and report on key IT Security metrics (KPIs). Develop reporting frameworks and report to key business stakeholders – Business Unit COO’s and Present and the Group Technology leadership.
Partner, communicate and consult with multiple business, IT departments and senior leaders to understand new business requirements and ensure the IT security controls meet the requirements of the business.
Work closely with other leaders and IT teams to enable an integrated approach to service delivery.
Lead regular vendor and service reviews. Work closely with vendors and the XL technical teams to align new business requests with current and future capabilities.
You will report to the Head of Security Operations.
requirements-expected :
Bachelor’s degree in computer science, Engineering, or related field
Expert analytical and reporting skills
Expert in Microsoft Office (Word, Excel, PowerPoint, Access)
Ability to effectively communicate and positively influence diverse stakeholders and team members
Fluent in English (Required)
Information Security and /or Information Technology industry certification (CISM, CRISC, GIAC, CISSP or equivalent)
Experience in articulating IS risks in business language and advising on the appropriate risk management action
Experience in multinational or enterprise size company and dealing with complex organizational structures across multiple time zones
Demonstrate experience in highly pressured environments with competing priorities with the ability to drive and assert security requirements
Experience with Windows servers, Linux, SQL, O365, Firewalls, IPS, MS Azure cloud, are required
Experience with network and Endpoint Security Infrastructure, SIEM, AV, EDR, IPS, Firewall, WAF, DLP, VPN, CASB
Experience in Microsoft O365 Security suite (Defender for Endpoint, Cloud, Identity etc) and Qualysguard are required
Exhibit digital forensic skills for log analysis from multiple digital system types, e.g. OS, SIEM, Firewall, Cloud, Proxy etc
Experience is DNSSEC, DKIM, SPF and DKIM
Experience with securing Microsoft Azure Active Directory
Experience in securing both IaaS and PaaS services
