Cyber Resilience

Référence de l’offre
3779

Type de contrat
Alternance

Niveau d'expérience
Etudiants

Société du groupe
AXA Group Operations

Famille métierIT, Data & Transformation

Localisation
PARIS, Paris

**DOMAINS OF RESPONSABILITY**

With Group Operations, AXA has launched a global transversal Rapid Ransomware Response Readiness (4R) Program to develop its Cyber Resilience. The objective is to be ready if AXA gets hit by a ransomware attack, to limit the impact to the business by ensuring a fast containment of the attack, the eradication of the threat and the mass recovery of the IT and business operations (the “technical response”). This Program is part of the AXA global strategic tech & data programs portfolio sponsored by the Group CSO and Group Head of IT Operations.

We are looking for a Secured Isolated Recovery Environment (SIRE) Intern.

Recovery environments are a fundamental requirement of modern backup infrastructure, essential to
resuming business operations after a cyberattack. A SIRE must be completely independent of a production environment that has been compromised and include resources to verify and recover data. The SIRE is a new workstream within the 4R Program and your assignment will consist in assisting with SIRE initial definition and design phase, so we have a clear strategy, high-level design, implementation plan and financial case validated by the appropriate AXA internal governances (“gating process”).

**MISSIONS**
For our on-prem and Cloud main platforms workloads, work with the SIRE architect lead, the Design
Advisory, the other Program workstreams, Cyber Defense, the new backup & mass restore software
external partner and other key SMEs contributors to:

- Support recovery testing sessions with Product teams & improve the process:

- Preparation of the prerequisites for all testing sessions
- Supporting Product teams during the testing sessions
- Identifying area of improvements of the technical environment to prepare future evolutions
- Finalizing & resetting the environment for it to be ready for the next sessions
- Help work & resolve challenges on the following topics:

- The recovery environment location (on-premises, Cloud, DR site )
- The data transfer
- The use cases (production from there? Verification & analysis ?)
- The alignment with the cyber eradication and recovery plans being developed in parallel.
- Support the delivery & improvement the design (HLD) of the environment(s) by taking into

consideration the following:

- Networking & isolation
- Survivable backup
- Infrastructure
- Management & control pane
- The security features (malware scan,)
- Define the implementation strategy & plan(s)
- Contribute & help prepare the governances, including:

- Sponsor Meetings
- Steering Committees
- Operational committees
- Weekly meetings
- Help steer and follow-up all ongoing activities (delivery of environment / study, define process &
mechanism to overcome challenges, identify & tackle issues, etc.
- Complete the implementation financial case based on the above Deliverables:

- The recovery strategy leveraging a secured isolated recovery environment.
- The SIRE high-level design
- The implementation strategy and plan(s)
- The financial case

**Follow standard PM good practices and quality delivery**:

- Set up and facilitate project governance (animation of weekly meetings and steering committees)
- Anticipate, identify, and monitor risks along the project/manage inter dependencies (also proposing risk mitigation or reduction activities)
- Respect of AXA Methodology, PM Guidelines, Standard practices...:

- Coordinate project team
- Responsible for the delivery quality
- Responsible for making and presenting a progress and any escalation points
- Stakeholder management and reporting
- Provide accurate information on the execution for the monthly project Steer Co

**What you will learn and develop**:

- Ability to work in a very multi-cultural and global environment
- The tools and frameworks to organise the work efficiently when running a complex Program
- The knowledge of the Cyber Resilience key topics and challenges
- The understanding of the ransomware threats landscape and the stakes for a company like AXA
- Take end-to-end ownership of some deliverables
- Get exposed to senior stakeholders in the organisation

**SKILLS**

**Behavioural skills**:

- Embraces diversity and can manage disagreements to deliver mission objectives in respect of
individuals, opinions, background, and values.
- Good listening skills, ability to understand organizational complexities, and work under pressure.
- Ability to analyse complex information, connect the dots, understand the big picture and to
synthesise ideas.
- Communication, the profile is able to animate meetings ensuring the achievement of set
objectives, workshop with heterogeneous attendance
- Results oriented: ability to work in an agile project mode in an autonomous way, keeping the
exchange information in a pragmatic and e