Principal Technical Security Expert - London, United Kingdom - XL Catlin

XL Catlin

Verified Company

London, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Flexible Work Eligible:
Flexible Work Schedule

DISCOVER your opportunity

LOCATION:
London UK, Poland, Stamford USA

AXA XL has an exciting opportunity for a Principal Technical Security Expert, who will be the global security lead responsible for the design and implementation (people, processes, and technology) of all security technologies implemented across AXA XL's IT estate.

You will be required to work with projects and operational teams to develop an appropriate security strategy, architecture and practices that will be embedded, securing appropriately our IT platforms and solutions.

DISCOVER your opportunity

Provide thought leadership across Group Technology regarding the design and implementation of security technologies
Take input from key stakeholders to develop and maintain the security technology roadmap
Manage and influence key stakeholders (capability owners) to provide input and support initiatives related to security technologies improvements and enhancements
Drive the development and enhancement of the security control environment across the AXA XL IT estate
Be the global technical expert / owner, for largescale complex projects (>1m USD, involving numerous technical teams) that are related to the deployment of security technologies
Own, drive the creation of domain artefacts, managing the input from multiple architectures, engineers, and operations personnel to create security domain artefacts
Represent AXA XL to AXA Group and other AXA organizations in the field technical security
Manage and drive third party suppliers to deliver the required solutions to time, specification, and budget
Be able to demonstrate how proposed designs comply to AXA XL security policies and AXA Group Security standards
Responsible for taking security architecture designs through AXA XL's governance processes
Development and continuous evolution of our security target architecture and roadmaps based on sound enterprise architecture practices
Working with Global Technology, Information Security, Data Protection Office and IRM teams to align the cloud and identity security control environment
Work with Project Managers to produce agreed sets of deliverables, work to project plans and report progress. Provide input to planning, forecasting process and RAID logs where required.
Review security technologies, tools, and services, and make recommendations to the broader security and development teams for their use, based on security, financial, and operational metrics

You will report within the AXA XL Cyber Defense Team, that is part of the AXA XL IT team.

SHARE your talent

SHARE your talent
We're looking for someone who has these abilities and skills:

Good knowledge of the principles relating to DLP, IDS/ IPS, Firewalls, Proxies, Identity Access Management, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management, etc.
Understand the transformation of traditional data center security measures into hybrid and Cloud deployment
Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies
Experience with Security Architecture (e.g., SABSA, CISSP, etc.) and/or credentials
Understanding of threat landscapes and threat modeling, security threat and vulnerability management, and security monitoring
Awareness of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities
Experience working in a consulting (internal or external) type of role
Understanding of core technologies including networking, operating systems, virtualization, middleware
Broad technical experience in several security disciplines including endpoint and platform (Unix/Linux/Windows, virtualization, mobile) controls, encryption/tokenization, identity and access management, PKI, data protection, and security tooling integration in complex environments
Experience in working with the Solutions and Technical Architects to ensure solutions designs include the appropriate security guardrails to reduce risk and protect sensitive internal and external client information.
Understanding of the Secure SDLC process and follows the process to effectively develop and design solutions
Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences
Must take ownership of tasks and demonstrate high degree of autonomy to ensure completion
Must be personable and foster good stakeholder and peer group working relationships
Supporting RFP/RFIs & SOWs where appropriate
Experience with cloud compliance and or common industry security standards.
Recognised Cyber Security certifications, such as CISSP, CIISEC (member of fellow), CISM, SANS, SABSA, OSCP are advantageous