Job title : Corporate Security Officer
Location : To be defined - Hong Kong or Philippines or Malaysia
Reports to : Corporate CSO Asia
Internal actors : Expected to interact with Local Information Security, Operational Resilience and Physical Security & Safety Teams.
Peer Security officers and Corporate CSO
External actors : Expected to interact with professional organizations, external audit, peers
Support C-CSO in ensuring that security is implemented within the scope in accordance to Group Security Strategy and Framework
Contribute to the development and implementation of a consistent approach to all security topics within the scope, including Information Security and / or Operational Resilience and / or Physical Security and / or Health & Safety
Support C-CSO in providing 2nd line of defence governance and oversight of all security activities within the Market / area of responsibility
Support C-CSO in the oversight of the local security budgets (oversight and execution) and for managing the CSO communities in the Market
Identifies entity strategic requirements and supports the definition of the AXA Group security strategy, framework, operating model and capabilities, bringing expert knowledge, skills, experience, best practice and innovation to enhance security and improve security maturity throughout the Group
Support Crisis Coordinators in place for all entities and when required provides professional support to the Market Leadership Teams, Entity and Group Crisis Management Teams - coordinating the response to multi-entity crises as required
Support the process of security targets setting of his / her entities and monitors the achievement
Ensures alignment / coordination between the entity (CXOs and CSOs) and Group Security
Collaborate with and support the Group Security Practice and other stakeholders as necessary to ensure that security within the local entity is relevant, cost-effective and is delivered in accordance with the Group Security Strategy
Serve as an expert advisor to local security management of the local entity in the implementation and maintenance of security
Support the implementation of security strategy, policies, shared security services and action plans based on the Group Security Strategy
Support the development, implementation and successful execution of security operations not offered by security shared services at the local entity
Identify and analyze market / transversal risks, recommend appropriate mitigation options and document all components in clear, business-intelligible language
Maintain an understanding of emerging technology, risks and industry trends. Assess the impact on the business environment and recommend appropriate mitigation actions or the prioritization of projects and investments
Escalate the need to redirect investment or change practices to mitigate critical risks and ensure legal, regulatory or commercial compliance
Support the implementation of continuous improvement processes and activities (e.g. good practices, reporting, problem resolution) to ensure quality and relevance of security services
Promote a culture of security and raise awareness
Ensure development and maintenance of an assurance framework to enforce consistency between local entity
Support the reporting process of information security, operational resilience and Physical Security & Safety for different levels of customers (top management, middle management and team)
Provide Quality Assurance work on local security implementation
Support the implementation of a coordinated responses to security audit and compliance issues
Track and control the information security budget for purchasing, staffing and operations
Education & certification
A license / bachelor degree in security (either info sec / international security / resilience)
A post-graduate degree in security or general management (such as an MBA) is an advantage but not essential
Certification in one of the below is strongly recommended
Or Information Security and / or Information Technology industry certification (CISSP-ISSAP, CISM, ISO 27001 Lead Auditor, GIAC or equivalent)
Or Business Continuity Industry certification (MBCI, DRII )
Or Physical security certification (CPP, PSP, BTEC )
Overall work experience in the field
Experience in security, IT audit or related area >
Previous experience managing a remote / international team preferred
Previous experience as interim or acting Information Security Officer, Physical Security Officer, Operational Resilience Officer, Business Continuity Officer or extensive experience reporting to a CSO, CISO, CORO, PSO or other 2nd line executive in an international organization.
Skills / abilities
Strong networking skills
Ability to apply analytical rigour to understand complex business scenarios
Fluent in English
Good sense of organisation
Flexibility on working hours
Flexibility with travelling
Would you like to wake up every day driven and inspired by our noble mission and to work together as one global team to empower people to live a better life?
Here at AXA we strive to lead the transformation of our industry. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things.
In a fast-evolving world and with a presence in 64 countries, our 166,000 employees and exclusive distributors anticipate change to offer services and solutions tailored to the current and future needs of our 103 million customers.
We live in anenvironment where social unrest, terrorism, disruptive technologies,unpredictable natural disasters, cyber risk and misuse of information are areality.
As a consequence, the decisionof our customers to partner with an organization is going to be based onwhether they trust that organization to keep them safe and secure.
Our role asGroup Security is to ensure security is embedded in everything we do. We progressivelycreate an environment that fosters a culture of securing our informationassets, takes informed decisions on managing cyber and resiliency risk, andprotects our people.
Vision : Group Security #assures that AXAis #trusted to be #safe, #secure and #resilient. This is accomplished through;
Protect : to provide industry leading security to assure our people, customersand stakeholders that AXA protects them and their information
Support : to create an environment where security is embedded in everything we do
Innovate : to accelerate and support the delivery of innovations, to enable AXA’sfuture growth plans
Enable : to ensure we have the right people, processes, technologies andgovernance to drive the execution of AXA’s security ambitions
Note that securityincludes information security, operational resilience and physical security