Security Operations Center Platforms Lead

With over 102 million customers in 56 countries, AXA's strong global franchises and three lines of expertise - Property & Casualty, Life & Savings and Asset Management - provide a distinctive business portfolio. As a company whose business is to protect people, we have a responsibility to leverage our skills, resources and risk expertise to build a stronger and safer society. To achieve our mission, we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders.

As an integral part of AXA, at AXA Group Operations (AXA GO) we create innovative technology and data solutions to help AXA fulfil its ambition of being a customer-focused, tech-led company. AXA GO is a young and dynamic division launched in 2019 and comprises 8,000 employees across 17 countries all around the globe from Paris, France to Pune, India. We are the ones providing advice, steering technological choices and giving AXA access to innovations that will support its transformation into a customer-centric tech-led company. For this, we work in close partnership with all AXA entities.

PRESENTATION OF THE CONTEXT AND AXA GROUP SECURITY

Throughout AXA, the security community represents 1000+ security professionals, protecting our customers, employees, operations, and brand. Our operating model gathers the three security disciplines Information Security, Operational Resilience and Physical Security & Safety. Our security mission is to ensure that AXA is safe, secure and resilient.

AXA Group Security, part of AXA GO, defines the security strategy, standards, practical means and provides assurance to the Group on the security maturity of all entities across AXA. In its role, it also supports our professional family in entities in maintaining their security posture and respond and coordinate responses to crisis.

This is accomplished through four strategic levers:

1. Safe: It is about our people, have them ready to face security challenges.
2. Secure: Secure the business of today and tomorrow, by increasing security effectiveness and provide practical means to deliver a risk-based approach for all entities.
3. Resilient: Enhance anticipation, detection and reaction capabilities & security by design.
4. Simple: Simplify, converge and automate our services and activities.

CYBER DEFENSE

Within Group Security, the Cyber Defense department provides first line of defense services to the entities and employees. Cyber Defense has a wide portfolio of Security People and Technology to support the realization of the Security Policy and instructions. Cyber Defense’s Security Operations Center (SOC) is where prevent, detect and response to cyber threats come together. The SOC delivers the following capabilities to the entities around the globe: Security Monitoring and Detection, Security Incident Response, Digital Forensics, Threat Intelligence and Threat Hunting.

POSITION MAIN ACTIVITIES

The SOC Platforms Lead is responsible for the operation and evolution of the SOC-relevant platforms and toolset comprising Log Collection, Security information and event management (SIEM), Security Orchestration, Automation, And Response (SOAR), security incident management (SecOps), Security Self Service Portal (SSSP), Threat Intelligence Platform (TIP) and other platforms and tools used by the SOC.

Key responsibilities:

• Be accountable for the SOC platforms in scope.
• Provide leadership, guidance and expertise to entities, SOC teams and 3rd parties managing SOC platforms.
• Drive of 3rd party ensuring platforms effective operation and continuous improvement.
• Ensure compliance of third parties with contract, service description and service level agreements.
• Own the high- and low-level design.
• Refine and evolve operational processes.
• Ensure implementation of and compliance with company ITIL processes.
• Contribute to cost forecasting and drive capacity management.
• Conduct operational and service governance with third party teams.
• Review key performance indicators of third parties.
• Identify areas of improvement, define improvement activities and drive service improvement plan.
• Support onboarding, use case factory teams and product lead expert to identify appropriate solutions.
• Support service management team to represent the SOC platforms in front of entities.
• Ensure the integration of project deliverables in the SOC technology and processes.
• Own the service description of relevant services.
• Manage capacity (forecasting) of demand for the SOC and its associated technologies.
• Act as escalation contact for the third-party teams, SOC, and entities for SOC Platforms relevant topics.

Scope: All AXA entities

Team structure: Security Operations Center comprises of Security Monitoring and Detection, Security Incident Response & Forensics and SOC Lifecycle and Integration teams.

Stakeholders:

• Internal actors: Group IT and Cyber Defense teams, Group Security, Entities, Group Procurement, Group Finance, GO Markets, GO Partnership Office, Security Operations Center operational teams.
• External actors: vendors, professional bodies, industry peers.

PROFILE, SKILLS & COMPETENCIES

Experience

• Experience in Information Security > 5 years.
• Experience in IT > 10 years.
• Hands on experience in a range of technologies e.g. Cloud, SOC, SIEM, SOAR, IAM, IPS/IDS, WAF, HIPS, Firewalls, PUAM, Microsoft 365, Windows, Linux, Azure, Amazon Web Services, etc. > 5 years.

Education

• Post-graduate degree in Computer Science or a closely related subject.

Skills

• Public cloud architecture and security (especially Azure).
• Ability to function effectively in a matrix structure.
• Operate comfortably at management level.
• Strong facilitation, negotiation, and conflict resolution skills.
• Strong presentation skills.
• Strong networking skills.
• Team player.
• Apply analytical rigor to understand complex business scenarios.
• Professional and positive approach.
• A can-do attitude and willingness to go the extra mile when required.
• Cross cultural sensitivity, flexibility.
• Fluent in English.