Whatever their stage of life, we provide over 108 million customers with the products and services they need to progress. From insurance to personal protection, and savings to wealth management, no matter the need we’re always there for them. And we’re always there for our employees. In 50 countries, we work hard to inspire pride and a sense of belonging in our people. To provide opportunities that challenge them, inspire them, and reward them. And to create a culture that’s open, supportive, and empowering. Because we know that’s the real secret to success – and the best way for us to keep building a better world for both our customers and the talented people who put them first.

Your work environment

The headquarters of the AXA Group (GIE AXA) brings together our corporate activities. It provides guidance and support to subsidiaries around the world, to ensure the coordination and monitoring of the Group's global strategy, the application of its standards, the consistency of commercial approaches and the sharing of best practices. The headquarters gathers approximately 1000 employees and is distinguished by its strong international culture (45 nationalities), which makes it a rich and stimulating place to work.

 Job purpose

To lead and perform independent security reviews of IT systems and environments, projects and processes implemented or planned across the various Group entities.

Dimension

• Lead or support up to 8 Internal Audit engagements each year across the entire AXA Group
• Lead IT transversal audits (i.e. global audits impacting all Group entities)
• Share expertise and experience with the AXA Global IT Audit community by developing and maintaining IT Security Audit workprogram and tools (Global Subject Matter Referent for databases)
• Management & development of junior security auditors.

Context & major challenges

• Transversal audits have major impacts on AXA governance and processes, both at Group and entity levels.
• Numerous information security related issues already open and requiring Interal Audit issues already open and requiring to be followed-up with operational stakeholders. Topic is in the agenda of AXA top management.
• All activities performed in compliance with international auditing and AXA standards, being tightly reviewed during external Quality Assessments and the French regulator (ACPR).
• Flexibility needed to manage schedules with Internal Audit teams across the Group due to the fact that the Central audit team is used as a hub of expertise

Key accountabilities

Audit delivery

• Lead the definition, the planning, the organization, the management and the realization of reasonably complex IT security audit assignments.
• Manage local auditors, or transversal audit teams across regions (transversal audits)
• Accountable for the reporting of findings and formalization of added value recommendations.

Issues follow-up

• Accountable for the follow-up of past recommendations.
• Act as a sparring partner with issues owner to help remediate risks using a risk-based approach.

Stakeholders management

• Represent Internal Audit on audit debriefing to Senior Management.
• Act as a sparring partner with stakeholders on a day to day basis (Audit coordinator role for Group Operations BUs and Corporate Center entities).

Team management

• Management, training & development of a team of junior auditors

Contribute to Internal Audit Community

• Lead or contribute to the development and the maintenance of IT security audit workprograms and tools.
• Lead or contribute to internal projects aiming to benefit to the global pool of IT auditors.
• Share expertise and experience with the IT Global Audit community.

Vous rejoignez une entreprise :

-    Responsable, vis-à-vis des personnes, y compris ses employés et ses clients, et de la planète. -    Aux valeurs fortes-    Qui encourage la mobilité interne, et la formation de ses employés-    Qui vous offre de nombreux avantages (en savoir plus ici : Reward & Benefits - french | AXA Group)-    Flexible, qui permet le travail hybride, au bureau et à la maison.

Les informations fournies par les candidat(e)s seront traitées de manière strictement confidentielle et utilisées uniquement à des fins de recrutement.

• Proven very strong expertise in one or several of the following domains is required: information security (including penetration testing), source code review, infrastructure & application & database & network security audits.
• Knowledge of standard IT & security audit methodologies, frameworks and tools is a clear plus.
• Inquiring and analytical mindset. Rigorous with strong perseverance skills.
• Ability to anticipate risks and to take initiatives. Can handle unforeseen changes.
• Demonstrates capacities to convince his/her interlocutors, including in contexts of conflict and complex situations.
• Good organizational and time management skills. High level of autonomy.
• Open-minded and dynamic, ability to work within a multicultural team
• Keen to proactively play an active and constructive role in the global IT Audit function.
• Produce quality reports requiring limited review workload from management.
• Engineer, min. 6 years of IT security audit experience or min. 9 years of security operational experience.
• Be passionate of technology and information security (e.g. know how to search for IT related knowledge, attend to information security conferences, follow information security news, ..)
• Have strong IT skills, including at least one programming language and good knowledge of operating systems (e.g. Windows, Linux), databases and network architecture and security principles.
• Previous experience of IT security audit gained while working in an audit firm would be a clear plus.
• Professional certifications like CISA, CISM, CISSP, OSCP, CGEIT, CRISC and GSNA is a plus.