Security Officer

AXA GBS MOROCCO

Present in Morocco since 2009, AXA GBS MOROCCO ( Ex- AXA Group Operations Morocco) is an offshoring entity. With more than 300 employees and its various centers of expertise operating in the fields of IT, Project Management, Finance and Human Resources, AXA GBS MOROCCO supports AXA entities in carrying out its mission.

Roles & Responsibilities :

In this role, you will be a key member of the Security team, responsible for various aspects of security across the business covering information security, operational resilience and physical security. You will work as part of a global security team, interfacing with a wide variety of stakeholders including senior leadership.

Your role will be to help identifying and understanding security gaps and risks, help perform risk-management activities and support decision making, allowing proper prioritization and strategic as well as tactical improvements.

* The performance of security risk assessments and monitoring remediation
* Providing oversight and governance over physical security and safety
* The performance of and reporting of security frameworks
* Oversight and execution of security across our services to ensure adherences to security polices, procedures and risk management
* Continuously developing and improving the levels of security in our functions and services
* Crisis coordination and management, business continuity planning, IT service continuity and other key operational resilience aspects
* Reporting aspects to the risk committees, Group and Executive committees
* Contribute on strategic initiatives and programs
* Will be required to interact with and present to Executive level leadership in addition to delivering presentations to wider audiences.

Main Activities

* Incident and threat monitoring for the region, providing early intervention as needed to inform the crisis management team.
* Interact with key stakeholders in the business lines to ensure security services reports are in place, up to date and any risks are being mitigated.
* Provide location specific oversight on operational resilience and travel security and physical security aspects.
* Contribute to the crisis coordination in GBS and specifically Morocco location – maintaining the local capability as needed.
* Conduct and support operational resilience activities related with ITSCM, BCP, BIA and Crisis management – working closely with the GBS Operational Resilience team members and providing local interactions.
* Coordinate strongly with the GBS Operational Resilience team as a team member.
* Conduct site security assessments and ensure the sites are well maintained by facilities, reporting and logging any security issues.
* Support security assurance activities as needed to ensure completeness in the evaluation of local controls.
* Support as needed, the incident and change management process, and review local change requests from a security point of view, against the security standards. Managing a team of security professionals based in different locations
* Develop and maintain GBS Security processes, guidance, and templates to ensure alignment to AXA Group standards and frameworks, business needs and industry best practices
* Execute risk assessments and the management of those risks
* Contribute to the management and reduction of Internal Audit issues
* Provide location specific oversight on travel security and physical security aspects.

Qualification :

* University graduate with a degree in Business, IT, or a related subject.
* A post-graduate degree in Security is preferred
* Information Security and /or Information Technology industry certification (CISSP-ISSAP, CISM, CRISC or equivalent) is preferred
* Experience in Security / Audit > 5 years
* Experience in Security profession within at least one of the Security disciplines (IS / OR / PSS) > 6 years

Experience :

Profile:

* Ability to function effectively in a matrix structure
* Previous experience in an international environment
* Self-motivated and self-directed, able to work unsupervised
* Team player
* Experience interacting with management
* Fluent in English

Technical Knowledge:

* Security Assurance
* Security Governance and Risk
* Information Security, Operational Resilience and Physical Security and Safety controls
* Internal Control and / or Internal Audit experience.

Professional Certifications :

* CISSP-ISSAP, CISM, CRISC, ISO 27001 Lead Auditor