Entreprise
AXA Group Operations – Centre opérationnel d’excellence du Groupe AXA.
Chez AXA, notre mission est de donner aux gens les moyens de vivre une vie meilleure. Grâce à l'innovation et à l'exécution, nous devons passer du statut de « Payeur » à un partenaire de confiance dans la vie de nos clients. Les objectifs concrets des activités du groupe sont de créer de la valeur pour l’organisation globale AXA, de collaborer avec le groupe Business Innovation pour encourager l’innovation et intégrer la simplicité et l’autonomisation dans notre contribution à la mission et à la stratégie d’AXA.
Présent dans plus de 18 pays, AXA Group Operations est le centre opérationnel d’excellence du Groupe AXA. Opérant dans les domaines de l’IT (Information Technology), Data & Innovation, Sécurité Informatique, Finance, Procurement, Transformation et Outsourcing, nous accompagnons la stratégie du Groupe : Devenir une entreprise innovante « Customer driven & Tech-led ».
AXA Group Operations Maroc
Présente au Maroc depuis 2009, AXA Group Opérations Maroc est une entité d’offshoring. Avec ses 300 collaborateurs et ses différents centres d’expertise opérant dans les domaines de l’informatique, de la Gestion de projet, de la Finance et des Ressources Humaines, AXA GO Maroc soutient Group Operations dans la réalisation de sa mission.
Adresse
Technopolis Pôle Offshoring Rabat, Immeuble B2 Axa
Poste
Position Mission:
- As a Senior Manager in Security Technology & Operations, your primary mission is to lead the organization's technology-driven security initiatives and manage the operational aspects of the security infrastructure.
- You will possess a deep expertise in developing and implementing advanced security technologies, managing cybersecurity operations, and ensuring the alignment of security measures with the company's strategic objectives.
- Your role will involve close collaboration with IT departments, internal stakeholders, and external vendors to enhance the organization's security posture and operational resilience while ensuring regulatory compliance.
Key responsabilities:
- Strategic Leadership and Vision: Develop and implement a comprehensive strategy for security technology deployment and operations management. Provide visionary leadership in integrating cutting-edge security technologies to protect the organization against emerging threats.
- Security Technology Management: Oversee the selection, implementation, and management of security technologies, including but not limited to, intrusion detection systems, firewalls, antivirus software, and security information and event management (SIEM) solutions.Ensure these technologies are optimally configured, updated, and maintained to provide maximum protection.
- Operational Security Oversight: Manage day-to-day security operations, ensuring robust monitoring, detection, and response processes are in place. Oversee the security operations center (SOC) and ensure incident response plans are effectively executed.Leadership and Development: Lead a high-performing team of security professionals. Foster a culture of continuous learning and professional development, ensuring team members are skilled in the latest security technologies and practices.
- Audit, Compliance, and Risk Management: Conduct regular security assessments and audits to identify vulnerabilities. Manage the risk assessment process and ensure compliance with relevant security standards and regulations. Oversee the development and implementation of policies and procedures to mitigate identified risks.
- Stakeholder Engagement and Communication: Act as a key liaison between the security team and other business units. Communicate effectively with stakeholders at all levels, including executive management, to align security initiatives with business goals.
Technical Skills Required:
- Advanced Security Technologies Expertise: Deep knowledge of and experience with advanced security technologies and solutions, including Next-Generation Firewalls (NGFWs), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM) systems, Endpoint Detection and Response (EDR) solutions, and Advanced Threat Protection (ATP) tools. Familiarity with encryption technologies, identity and access management (IAM) solutions, and network segmentation strategies.
- Cybersecurity Operations Management: Proven track record of effectively managing a Security Operations Center (SOC), including incident detection, response, and recovery. Expertise in developing and implementing operational procedures for threat monitoring, analysis, and rapid incident response. Knowledge of threat hunting practices and the use of artificial intelligence (AI) and machine learning (ML) in enhancing detection capabilities.
- Cloud Security: Comprehensive understanding of cloud computing models (IaaS, PaaS, SaaS) and cloud security frameworks. Experience in securing cloud environments, including AWS, Azure, and Google Cloud, through the implementation of cloud security best practices and tools.
- Security Architecture Design and Review: Ability to design, review, and enhance security architectures for complex IT environments. This includes understanding the principles of secure network design, application security, and data security. Expertise in conducting security architecture reviews and vulnerability assessments to identify and mitigate potential security risks.
- Regulatory Compliance and Standards: In-depth knowledge of international and regional regulatory compliance requirements and security standards, such as GDPR, HIPAA, PCI-DSS, ISO/IEC 27001, and NIST frameworks. Ability to guide the organization in achieving and maintaining compliance with these standards.
- Risk Management: Strong skills in identifying, assessing, and prioritizing cybersecurity risks. Experience in developing and managing risk mitigation strategies, conducting risk assessments, and implementing risk management frameworks.
- Project Management: Excellent project management skills, with experience in leading cross-functional teams in the deployment of security technologies and the execution of security projects. Familiarity with project management methodologies and tools.
- Automation and Orchestration: Knowledge of security automation, orchestration, and response (SOAR) tools and practices. Ability to implement automation to streamline security operations and response processes.
- Cryptography and Data Protection: Understanding of cryptographic principles and data protection technologies. Experience in implementing data encryption, tokenization, and data masking solutions to protect sensitive information.
- Communication Networks: Solid understanding of communication network structures, protocols, and security challenges. Experience in securing wired and wireless networks, including VPNs, and managing network access controls.
People Management Skills:
- Leadership of High-Performing Security Teams: Demonstrated success in leading security teams that exceed performance expectations. Includes building team structures that facilitate collaboration and efficiency, as well as fostering a culture of continuous improvement and innovation.
- Motivation, Coaching, and Skill Development: Skilled in identifying individual team members' strengths and areas for growth, offering personalized coaching and mentorship. Implementing development plans that align with both organizational goals and personal career aspirations of team members. Encouraging a learning environment where team members are motivated to acquire new skills and certifications.
- Conflict Management and Positive Workplace Culture: Proven ability in handling interpersonal conflicts effectively, mediating disputes and promoting a culture of understanding and respect. Crafting strategies to enhance team cohesion and ensure a supportive, inclusive work environment where diversity is valued and every team member feels empowered to contribute.
- Goal Setting and Performance Monitoring: Expertise in setting clear, measurable objectives for the team and individual members, aligned with organizational priorities. Regularly reviewing performance against these goals, providing constructive feedback, and adjusting strategies as needed to meet evolving challenges.
- Talent Management and Professional Development: Strategic approach to talent management, including identifying potential leaders within the team and supporting their growth through targeted training and leadership opportunities. Fostering a culture of professional development, encouraging team members to pursue opportunities that enhance their skills and contribute to their career progression.
- Effective Communication: Exceptional communication skills, able to convey complex security concepts and strategies in a clear, concise manner to a variety of audiences. Promoting open lines of communication within the team, ensuring that all members are informed of expectations, progress, and changes in security posture or strategy.
- Adaptability and Resilience: Ability to adapt leadership style and strategies to changing security landscapes and organizational needs. Building resilience within the team to navigate uncertainties and recover from setbacks while maintaining focus on strategic goals.
Relationship with Partners:
- Establishing and Maintaining Strong Professional Relationships: Ability to forge and sustain robust professional relationships with a wide range of. This includes regular communication, understanding their capabilities and limitations, and aligning their services with the organization's security needs.
- Negotiation and Contract Management: Skilled in negotiating terms and managing contracts with security service providers to ensure that agreements meet the organization's security requirements and budget constraints. This includes the ability to articulate clear service level agreements (SLAs) and ensure compliance through regular review and adjustment processes.
- Collaboration on Shared Security Initiatives: Experience in initiating and managing collaborative security projects between companies, including joint ventures, shared threat intelligence, and collective defense strategies. Demonstrating the ability to work across organizational boundaries to enhance the overall security posture.
- Security Governance with Partners: Developing and implementing governance frameworks to oversee the security aspects of partnerships. This involves setting up regular governance meetings, establishing clear roles and responsibilities, and ensuring that partners adhere to agreed-upon security standards and practices. It includes the management of shared risks and the seamless integration of partner services into the organization's overall security strategy.
- Continuous Improvement and Alignment: Continuously assessing and improving the effectiveness of partnerships in contributing to the organization's security objectives. Ensuring that partner strategies remain aligned with the evolving security landscape and organizational priorities.
- Compliance and Risk Management: Ensuring that all partnerships comply with relevant laws, regulations, and industry standards related to security. Proactively identifying and mitigating risks associated with third-party services, including conducting regular audits and assessments of partner security measures.
Profile recherché
- Advanced degree in computer science, information security, or a related field ;
- Significant experience in a similar role, ideally in a similar environment ;
- Desired professional security certifications (ISO27XXX, CISSP, CISM, CRISC, etc.) ;
- Proficiency in English, both written and spoken ;
- Intercultural sensitivity, flexibility ;
- Organized with a proven ability to manage workload, meet deadlines, and use time efficiently ;
- Good interpersonal and communication skills, effective teamwork ;
- Ability to function in a matrix structure ;
- Strong analytical skills.