Business Security Expert
AXA
- Brussel
- Vast
- Voltijds
- Coordinating the security awareness activities in AXA Belgium and its branches.
- Monitoring and oversight of all information security aspects affecting staffing policy and 'hybrid working'.
- Coordinating and coaching the Business Security Correspondents in all business and support units of AXA Belgium.
- Acting as contact for all business transformation initiatives in AXA Belgium and framing and monitoring security requirements and recommendations with Business and IT stakeholders.
- Understanding and mapping the criticality ('CIA') of all business processes (e.g. 'RTO') and data (e.g. 'Crown Jewels') in the AXA Belgium landscape;
- Assisting in the maintenance of a general inventory of the information security risks; Defining, coordinating and monitoring recovery or risk-reduction measures. Documenting in a clear, understandable language; Supporting how the information risk preparedness is determined;
- Assisting third parties to assess (outsourcing and branches) whether the local information security policy lines/standards and those of the AXA Group are observed and whether the risks are identified and managed; Ensuring that outsourcing partners comply with the IT security demands during the entire duration of the partnership; Ensuring that suppliers (incl. software) provide services with adequate information security.
- Working on the organisation's ISO27K Plan-Do-Check-Act cycle to manage all aspects of information security; Assisting in the maintenance and the evolution of the information security policies and procedures; Coordinating with internal control (2nd line), internal (3rd line) and external audit, Data Privacy Officer and Chief Data Officer;
- A bachelor degree in computer sciences, technology or a related area;
- An MSc education in information security is desirable, but not crucial;
- 5 years experience in an advanced level of information security;
- Experience in translating the IS risks into the business language and advising the appropriate risk management strategy for a technical solution;
- A certification in the Information Security and/or Information Technology industry (CISSP, CISM, ISO27001 Lead Auditor or similar) is a distinct advantage;
- Excellent communication skills, both spoken and written in French and/or Dutch, and fluent English;
- Experience in a multinational business is an advantage;
- Capable of working efficiently in a matrix structure;
- A strong facilitator, negotiator and focused on resolving conflicts;
- Capable of working comfortably at management level and are good in networking;
- Team player
- Capable of thinking analytically in order to grasp complex business scenarios.