• Developing and implementing cloud security controls, cloud-based processes and tools, and cloud security task automation.
• Provide Operational support for Security Operations related activities that can include, but not limited to:
• Analysis of IT security risks, identification of associated impacts and proposal of appropriate action plans.
• Realization of technical POCs and rollout of container security solutions (example: Twistlock, Aquasec, WIZ, Kubernetes…).
• Researching industry trends and new technology; implementing new procedures as needed to improve cloud security infrastructure.
• Responsible for the thorough documentations of implementations, via technical documentation and run books.
• Partner with security teams to enhance cloud security solutions and establish preventative controls to support security needs via automation. Including:
As part of cybersecurity operation team:
• Follow company guidelines / regulations to ensure company data is held in a secure manner, including electronic access or in written format.
• Escalate any security issues or potential security breaches as appropriate to ensure any potential issues can be secured.
• Aligned with Information System Security policy and guidelines, develop and deploy processes that will ensure level 1 controls are in place, actioned and tracked.
• Deliver security projects to protect the cloud infrastructure, in-line with AXA Group policy.
• Support IT audits as required and drive the recovery of any audit deficiencies to pre-agreed deadlines.
• Adopt a culture of innovation, to deploy new services in a “value-add” and cost-effective way towards the business.
• Master degree in Computer Science or significant experience in similar technical IT management roles.
• At least three years of experience securing and supporting public cloud environments such as AWS and Azure.
• Microsoft Azure Security related certifications are recommended.
Experience / Skills
• Related Information Security experience; project management knowledge.
• Mastery of security standards and procedures and related tools and technologies: firewall, antivirus, cryptography, authentication servers, intrusion tests, PKI, URL filtering ...
• Strong experience with web technologies is a must (HTTPS, REST, CDN, Load Balancing, etc)
• Experience securing CloudFormation/Terraform IaC
• Proficiency in measuring and securing IaaS, PaaS, and SaaS environments in AWS and Azure
• Knowledge of vulnerability defense (ex: OSSTMM, OWASP ...)
• Knowledge of Infrastructure as Code tools (Terraform, Pulumi, Crossplane) a plus.
• Ability to work well in teams and manage multiple priorities.
• Punctual and capable of managing assigned deadlines.
• Client focus is a key asset. To be the business advocate for locally delivered services in a service-oriented manner.
• Technical leadership with very good knowledge of Cybersecurity technologies, strategies & trends and security patterns for Cloud-based platforms (Iaas/Paas, Infra-as-code, Azure DevOps and CI/CD, etc).
• Ability to manage outsourced services.
• Fluent in English mandatory. Working knowledge of French preferred.
• Proactive and innovative.