* Place du Trône 1, BRUXELLES, BE, 1000
* SECURITY
* 11463
* 3A - Sedentary
* Philippe Houtart
Job Description
High level job description:
You will be a member of the 'Information Security' Team composed of IAM experts, Application & Cloud Security experts, Workplace and Data leakage experts. The information Security team is part of the 'AXA Belgium Security Office' department lead by the AXA Chief Security Officer.
Your mission is to promote and ensure that AXA Belgium applications, platforms and data (structured and unstructured like NAS and SharePoint) are protected thanks to adequate "Identity and Access Management" controls.
You will work mainly in collaboration with security colleagues, security and solution architects, IT product teams, IAM Security correspondents, business teams and AXA group Identity and Access Management colleagues.
Main tasks:
The key tasks of the "Identity & Access Management (IAM) Expert" are as follows:
* Security oversight:
* Act as IAM expert for AXA Belgium Security Office department thanks amongst others to a relevant IAM end to end knowledge on AXA applicative landscape, identities and processes.
* Oversee, review, measure, document and drive efforts to increase maturity and effectiveness of identity and access management processes/controls and associated ISO 27K controls objectives.
* Ensure adequate role model is maintained in collaboration with business and IAM security correspondents.
* Maintain up-to-date IAM heatmap to provide a clear "risk based" view of the AXA Belgium assets from an Identity and Access Management view.
* Define the IAM strategy for business projects and ensure thanks to adequate processes that this strategy is effectively implemented with the support of the application security team.
* Produce clear presentation on IAM risks, strategy, current situation towards IAM stakeholders (technical and business): application owner, management, internal controls and auditors.
* IAM controls enhancements
* Define the IAM roadmap based on IAM heatmap, AXA security instructions, eventual deficiencies, AXA Belgium/AXA group solutions evolutions and business strategy/requirements.
* Participation to projects related to or impacting "Identity and Access Management" by providing and following Security Office requirements implementation; ensure adequate "business as usual" (BAU) processes are defined and documented so that these are smoothly executed (by other teams).
* Active participation to the enhancement of a "User Risk Based Inventory" highlighting key risks to business and triggering adequate remediation or acceptance.
* Awareness:
* Maintain/animate the collaboration with IAM Security correspondents/officers to ensure a close alignment between Security Office and business for IAM topics.
* Promote security culture and define/participate to the education of AXA. employees and AXA IT departments (e.g. architecture, engineering, operations) on IAM risks, processes, procedures and requirements.
Good to know:
* The configuration of IGA (Identity Governance and Administration) solutions is performed by AXA colleagues based on Information Security team requirements/guidelines
* AXA Belgium relies significatively on security products or services provided by AXA group to (all) AXA entities.
Profile:
Study/Experience/Knowledge
* Bachelor or Master in Computer Science / Information Systems / Information Security or other related field.
* Minimum 5 years of relevant "Identity and Access Management" experience. Longer experience and/or experience in the financial sector is a strong asset. A broader experience of "Application Security" (in whatever application security "area") is an asset.
* Strong understanding of the different types of identities and accounts (amongst others privilege and non-privilege, personal and shared or technical,…) including the "Identity and Access Management" best practices and Role Based Access Controls (RBAC) and processes.
* Experience of Identity and Access Management controls and processes on at least of few asset types (like front-end applications, back-end, APIs, NAS, SharePoint,…) on at least a few platforms (like Mainframe, distributed servers (Windows and Linux), cloud (Azure and AWS) and SAAS solutions).
* Good understanding of the different repositories (Active Directly, Entra ID, LDAP,…) with knowledge on the way to query these. Ability to run advanced analysis, pivot table and reports based on O365 product suite.
* Knowledge and experience of IGA (Identity Governance and Administration), Privilege User Access Management solutions (PUAM) and Password Management solutions is an asset.
* Experience in creation and follow-up of remediation action plans implementation (no project management skills/experience are required).
* Experience in risk identification and assessment is an asset.
* Good knowledge/experience of ISO27K is an asset.
Soft skills
* Strong teamwork despite able to work autonomously.
* Problem solver and have excellent analytical skills.
* Good communication skills towards technical teams, business teams and management.
* Good negotiation skills.
* You communicate (written and verbal) fluently English on top of a good knowledge in French and/or Dutch.
AXA aims to be a reflection of the diverse society in which we live and has therefore been pursuing a policy of active diversity, non-discrimination, and equal opportunities for many years. In this context, we guarantee equal treatment and access to recruitment, regardless of age, origin, cultural background, disability, gender, sexual orientation, or other characteristics.
AXA Belgium
We are more than 3000 employees, partnering with 3200 brokers, located in our modern offices in Brussels, Antwerp, Eupen, and Liège. We are serving 3 million customers, and we are proud to be the number 1 car insurer. It is our ambition to not only be a payer but rather a real partner for our customers.
Our four core values drive us every day to give our best for our customers while collaborating effectively with our colleagues: Customer First, Integrity, Courage, and One AXA.
At AXA, we reject unfair or unlawful discrimination in any form. More info in our Diversity & Inclusion Policy.
What we offer
A nice reward for your work
An attractive salary, supplemented with discretionary personal and collective bonuses and of course, meal and eco vouchers, the full reimbursement of public transport, and a cafeteria plan.
The benefits of working at an insurance company
From group to hospitalization insurance and ambulatory care (family members can also join at an advantageous rate) and with up to 30% discount on all additional insurance products.
A job that respects your personal life and dreams
A flexible schedule of 35 hours per week, 36 days of leave per year to recharge, as well as the option to work partially from home.
You will benefit from sports classes at work, employee wellness programs and trainings, to keep you in great shape, both physically and mentally.