Overview
Cyber Assurance Technical Project Manager role at AXA XL. Location: Ipswich, UK. AXA XL is an Equal Opportunity Employer. You will provide expertise and consultancy covering all aspects of AXA XL’s Information Security and policies. You will interact with IT representatives to ensure adherence to corporate and information security policies. You will have skills to provide expert level assurance in penetration testing and vulnerability assessments. The ability to manage business and IT expectations, compliance, and Security requirements is critical to success. You will be responsible for oversight of a subset of annual penetration tests, including planning, execution and closure tasks to meet testing goals. You should understand the risk associated with vulnerabilities, technologies and their delivery and service mechanisms supporting the infrastructure and business. To that effect, you should be a CISSP or be able to obtain the same certification within two calendar years.
You will be required to understand completely the risk associated with various vulnerabilities, technologies and their delivery and service mechanisms supporting the infrastructure and business. In conjunction with the above, you must understand the necessary controls and countermeasures to enable the enterprise to operate securely.
What you’ll be doing
* Manage application and security assessments allocated by Cyber Assurance Program managers from start to end of the penetration testing lifecycle. Testing should occur on time and output findings and reports should be communicated to internal stakeholders after review.
* Work with Cyber Assurance Program managers and internal AXA XL stakeholders to strategically plan testing windows on suitable dates. Assist testers with scoping calls and ensure prerequisites are in place in advance of test dates. Troubleshoot procedural and technical challenges and any blockers faced by testers. Ensure smooth delivery and completion of penetration tests.
* Provide regular updates to Cyber Assurance Program Managers on the status of tests you have been allocated to support.
* Perform technical vulnerability and web application scans and provide output to security testers and application owners where required.
* Conduct quality assurance on vendor supplied reports for Cyber Assurance Program Managers at end of testing before these are passed to internal stakeholders.
* Provide technical input in post-test review calls to review reports after each test, and ensure vulnerabilities are explained to business and application owners along with remediation guidance and timelines.
* Participate in supporting wider Cyber Assurance team activities such as Cyber Essentials, DORA and Security Architecture reviews. Provide security input to Cyber Assurance Program Managers.
* Contribute to producing metrics and updating internal trackers to track status of tests and engagements for review by Cyber Assurance Program Managers. Ability to present metrics and reporting to Information Security leadership team.
* Version maintenance and release monitoring of various discovery tools.
* Contribute to tracking and maintenance of software licenses used by security tooling within the team and feed back status to Cyber Assurance Program Managers.
* Report to the Head of eDiscovery and Cyber Assurance.
Qualifications
* Established penetration testing experience and information security project management experience
* Proven experience in penetration testing, cybersecurity, or related fields
* Understanding of penetration testing process and lifecycle, OWASP application vulnerabilities and IT systems
* Knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001) and compliance regulations (e.g., DORA, GDPR, Cyber Essentials)
* Familiarity with security tooling and vulnerability scanning (e.g., Qualys, Nessus, Burp Suite)
* Digital forensics or discovery experience
* Basic understanding of email infrastructure (Outlook, Office 365) and Microsoft applications
* Basic understanding of virtual environments
* Bachelor’s degree in information technology, cybersecurity, computer science, or related field; master’s degree or relevant certifications (e.g., PMP, Prince2, CISSP, OSCP) is a plus
* Ability to work under pressure and set priorities accordingly
* Ability to work in a fast-paced, high-pressure work environment
* Excellent technical writing and oral presentation skills
* Commitment to ethics, confidentiality and integrity
* Proactive in proposing process improvements
* Willingness to continuously learn and implement new technologies and methods
* Ability to build effective relationships with key stakeholders
* Strong analytical and problem-solving abilities
* Professional and courteous with strong judgment and critical thinking
* English proficiency
Inclusion
AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. We have an inclusive culture that enables business growth and success. It’s about helping one another and our business move forward and succeed.
* Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 chapters around the globe
* Flexible working arrangements
* Enhanced family-friendly leave benefits
* Named to the Diversity Best Practices Index
* UK Women in Finance Charter
Learn more at axaxl.com/about-us/inclusion-and-diversity.
Seniority level
* Not Applicable
Employment type
* Full-time
Job function
* Project Management and Information Technology
Industries
* Insurance