Information Security Risk Officer

**Key Responsibilities**

The Information Security Risk Officer is responsible to identify security risks for the organization. This defines an effective Information Security Management System (ISMS) aligned with AXA IM Risk Management. Security efforts should address risks in an effective and timely manner where and when they are needed. Assessments conducted by the IS risk officer are an integral part of all information security management activities. They are applied both to the implementation and the ongoing operation of AXA IM ISMS.

The IS risk officer is charge of the Information Security Risk Management continual process, establishing the external and internal context, the threats and the controls to assess the risks affecting AXA IM through interviews conducted with senior business representatives. He/she analyses what could happen and what the possible consequences could be, before defining in collaboration with AXA IM management what should be done and when, to reduce the risk to an acceptable level.

**Risk Management**:

- Converged Security Risk Assessment (CSRA):

- Organize the annual security risk assessment in collaboration with Group Security, AXA IM Operational Risk team and AXA IM head of Business Continuity, Health & Safety, to ensure framework alignment and achievement of common goals.
- Prepare security risk assessment interviews, leverage on existing process such as previous year CSRA assessment, Business Continuity Business Impact Analysis (BIA), Physical Security, Health & Safety site security risk assessments, Operational Risk assessments and quantifications, as well as previous year incidents, audits and controls review.
- Define key stakeholders to interview amongst AXA IM senior managers, to ensure security risk are assessed across all business, all support functions, and, across all locations.
- Analyze interview conclusions to qualify security risks affecting AXA IM globally and to review AXA IM most sensitive information (“Crown Jewels”).
- Present during the Global Security Risk Committee the formalized conclusions for approval, and follow-up on remediation action plans.
- Application Information Security Risk Assessment (AISRA):

- Define the risk treatment plan in collaboration with the Application Owner and the Global IS Officer in line with AXA IM strategy and risk appetite.
- Document and maintain risks and their remediation action plan in AXA IM GRC tool (MEGA HOPEX).
- Present during the Global Risk Committee, formalized AISRA conclusions for approval and follow-up of risk remediation action plans.
- Contribution to the documentation, run and enhancement of AXA IM Information Security Management System (SMSI) to allow the improvement of AXA IM maturity improvement on ISO 27001 standard and achievement of a certification.

**Awareness**
- Communicate about Information Security on AXA IM intranet (Workplace and other communication means) to raise awareness with news, rising threats or successes articles.
- Contribute to security initiatives, such as cyber coffee-breaks.
- Promote security during the year and lead by example.

**Cyber security watch**
- Maintain continuous cybersecurity watch (from technological, news, to regulation) that might affect AXA IM businesses, Operations, IT and Security.
- Assess impacts on AXA IM Information Security Management System and Information and Communication Technologies.
- In collaboration with relevant teams, contribute to the action plan definition and to the implementation required.

Backup AXA IM Global IS officer in managing information security incident response team by ensuring proper investigations and coordination with stakeholders during a security incident. In high impact incidents, the IS Risk Officer interacts with the crisis management team.

**Operation management**:

- Coordinate daily operations of the SIRT team composed of 1 apprentice and a center of service.
- Provide operational support for crisis management in the event of major security incidents.
- Produce regular dashboards and reporting.

**Anticipation**:

- Monitor threat intelligence feeds over hacker groups, their attack methods, Indicators of Compromission and their motivations.
- Inform the security teams of important new threats and vulnerabilities and define remediation measures to counter them in collaboration with IT teams.
- Participate in cybersecurity crisis and incident management preparation exercises

**Incident response**:

- Ensure the proper execution of the incident response process from detection to resolution of the incident.
- Monitor and coordinate remediation actions.
- Improve processes with lessons learnt from incidents to capitalize on.

**QUALIFICATIONS**

**Education/Qualifications**
- Master’s degree-level education or equivalent
- A recognized technical information security certification (e.g., ISO 27005, ISO 27001, CISSP) is a plus.

**Experience**
- At least 5 years of experience in Information Security, including