Lead, Information Security Engineering

Ensure that security vulnerabilities as well as incidents are managed proactively to prevent or minimize disruptions to business activities in case of possible security breaches.

Role Qualification:

Academic/Professional:

• B.Sc./MSc in Computer Science, programming, Information Security/Information Technology, Electrical/Electronic Engineering or Computer Engineering/Information Systems Management or related field
• Experience in information security, business continuity and data privacy. Experience with security testing and technology solutions.
• Recognized professional certifications such as OSCP, Certified in Secured Programming, CEH, CHFI, JPT, CAP, CCSP.

Work Experience: 3 – 5 years’ work experience

Key Responsibilities:

• Continuous Static and Dynamic application security testing.
• Report all vulnerabilities and their status to the CISO/ Head Information Security, CSO and other relevant stakeholders or as directed by the CISO and CSO.
• Have a good knowledge of business risks associated with common security vulnerabilities and be able to effectively communicate same to application developers, Infrastructure & Network Team and/or senior managers effectively.
• Collaborate with and support the Group Information Security Practice, Local CISO/Head, Information Security/CSO and other stakeholders as necessary to ensure that information security within AXA Mansard is relevant, cost-effective and is delivered in accordance with the Group Information Security Strategy.

Required Skills and Competencies

• Strong background and technical knowledge and skills in information technology, information security and cyber security with a clear understanding of security controls design and implementation and information security trends.
• A forensic approach to challenges.
• Ability to work as part of a team and build strong relationships with staff and other relevant individuals.
• Good knowledge of network security, application and database security, identity and access management.
• Knowledge of and in-depth experience with more than one major IT discipline (e.g., distributed computing, networks, financial applications design and development, IT security and business recovery.