Job Description - Delivery Lead, Security & Governance (AXA10167D20240207)
Job Number: AXA10167D20240207
DISCOVER your opportunity
Security & Governance (Audit, Risk) Delivery Lead
UK (London or Ipswich)
We invent the new to help the world move forward. Combining powerful analytics and deeper insights with bigger ideas and innovative solutions, we free up our clients’ potential, thereby fulfilling our own. Take it seriously. Make it fun. Know it matters.
What will your essential responsibilities include?
Line management responsibility for 7: 3 Security Analysts and 4 IT Risk, Audit, Governance Analysts
Security
Owns ‘BAU’ Security remediation, non-project, on behalf of Transversal Application Services
* Owns and runs the Steering Group, owns the Working Group, assesses and prioritises incoming requests, assesses and reports on quality and security of code, prioritises and ensures execution of remediation according to InfoSec targets.
Owns MTSB (Minimum Technical Security Baseline) Controls on behalf of Transversal Application Services
* Ensures compliance with the agreed score, set by the MTSB Control Committee, post project completion including process governance and resourcing.
Sets the direction for the Scanning tools to be used in conjunction with GT Security
* Owns the relationship between Application Operations and Information Security and GT Security
* Understands security drivers, builds a collaborative execution model, facilitates productive working relationships.
Security Champion for Transversal Application Services
* Driving Security culture change within Transversal Application Services, embedding an effective security capability enabling consistency and advocacy within the teams
Production of regular reporting providing visibility into the Transversal Application Services teams of position against backlog/outstanding security remediation items
Develops and manages the process to enable the Transversal Application Services delivery teams to apply for funding for security related items.
Manages the team of 3 Security Analysts
Risk
Primary interface between Transversal Application Services & IT Risk & Governance – dotted line into Global Head of IT Risk & Governance
* Building a consistent and understood single point of entry into Transversal Application Services from IT Risk & Governance, building consistent and repeatable information assets.
* First line of defence co-ordination and control, assisting in setting the strategic direction for identification, governance and appetite of Risk
* Owns the Risk response back to Internal Audit and IRM, tracks audit risk items through to closure ensuring adherence to agreed closure dates.
* Detailed tracking of audit items, including slippage information, and reported out to Transversal Application Services/Application Delivery key stakeholders.
* Second and Third Line of Defence co-ordination (including IRM)
Manages the Technology Obsolescence risk identification process and onward feed into the Software Obsolescence Program (SOP) for remediation.
* Maintenance of data store in Abacus, extraction of data points to deliver insight into the largest obsolescence risks the organisation faces, delivering outcome into the SOP to achieve and be able to demonstrate overall risk reduction.
Owns the RAMP Management process on behalf of Transversal Application Services
* Initial review of submitted RAMPs, ensuring RAMPs meet the data provision baseline as determined by Information Security Steering Committee, deputising at RRG Review meetings and the InfoSec Steering Committee
* Responsible for the underlying JIRA (RAMP) system maintenance and development
* Drives improvements to the RAMP management process as relates to Transversal Application Services i.e., consistency in approach, visibility of position, identification of transversal risks etc.
Ensures visibility into Transversal Application Services of Risk related activities and associated deliverables.
* Production of Dashboards, reporting, building a single source of truth for all Risk items
Manages the Senior Business Analyst aligned to Risk activity.
Audit
Owns and manages all Internal, External and Financial Control audits on behalf of Transversal Application Services
* Owns, maintains and develops the relationship with Internal Audit, acting as the primary contact point for Transversal Application Services
* Collation, and provision, of all supporting evidence gathered in from the Transversal Application Services functions.
* Maintains a central repository of evidence including MAPs, Audit Findings and associated documents.
* Produces Audit schedule, socialising with Application Delivery Leads/Application Managers for visibility and awareness.
* Create/maintain an Audit tracker.
* Produces regular reporting for distribution across Transversal Application Services to support visibility of audit compliance.
Governance
Manage engagement from App Operations Governance team into Application Delivery teams.
* Ensure all relevant data (i.e., CMDB, IHEF, Escrow, Abacus etc.) is accurately maintained and updated for all applications/services owned and managed by the Application Delivery teams.
Manages vendor governance, working in collaboration with Operations Leads and Sourcing
* Maintains an up-to-date source of all contractual information as relates to vendor provided services i.e., development, support, IDM services etc.
* Develops and distributes service reporting templates to ensure productivity and effectiveness of vendor weekly/monthly reporting and service reviews.
* Checks and validates vendor SLA measurements.
* Attends monthly vendor governance reviews.
* Provides support for SLA & KPI configuration in the Service Management tool (Silva currently)
Finance
* Manage circa $4.5m Application Security budget (non-project) including activities such as accruals, forecasting etc.
You will report to the Head of Application Operations with a dotted line into the Global Head of IT Risk & Governance
We’re looking for someone who has these abilities and skills:
* Excellent presentation, communication (oral & written), and relationship building skills, across all levels of management
* Established organizational skills with attention to detail and ability to handle change
* Excellent problem solving and analysis skills
* Must be able to work well under pressure and consistently meet deadlines
* Ability to work as part of a team or to be self-directed as required
* Practiced at working as part of a global team (including outsourcing) spanning multiple time zones
* Understand cultural differences and be effective working in a diverse environment
* Passion for learning and prepared to go the “extra mile”
* You care about what you do, and what we do
FIND your future
AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it.
How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty.
With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.
AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic.
At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed.
* Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe
* Robust support for Flexible Working Arrangements
* Enhanced family friendly leave benefits
* Named to the Diversity Best Practices Index
* Signatory to the UK Women in Finance Charter
At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations.
* Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society – are essential to our future. We’re committed to protecting and restoring nature – from mangrove forests to the bees in our backyard – by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans.
* Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions.
* Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting.
* AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day – the Global Day of Giving.
For more information, please see axaxl.com/sustainability
AXA XL is an Equal Opportunity Employer.
Location: GB-GB-London
Other Locations: GB-GB-Ipswich
Work Locations: GB London, 20 Gracechurch Street, London EC3V 0BG
Job Field: Information Technology
Schedule: Full-time
Job Type: Standard
AXA XL is an Equal Opportunity Employer and does not discriminate against any colleague or applicant for employment on the basis of race, color, national origin, religion, sex, gender identity and/or expression, sexual orientation, age, disability, genetic information, veteran status, military status or any other category protected by local law.