Information Risk
il y a 26j


Company StatementThe AXA Group, world leader in Financial Protection, supports and advises its individual and corporate customers at every life stage, providing them with the products and services that meet their insurance, personal protection, savings and wealth management needs.

Our areas of expertise are reflected in a range of products and services adapted to the needs of each client in three major business lines : property-

casualty insurance, life & savings, and asset management.

Present in 59 countries, the 161,000 employees and distributors of AXA are committed to serving 103 million clients. AXA chose to gather its central functions within an economic interest grouping (GIE).

The GIE AXA main missions are to :

  • Steer the entities in order to ensure the coherence of the strategies, the consistency of the commercial approaches as well as the optimization of the risks and results;
  • Defining and coordinating Group policies, different transversal projects and standards, identifying and sharing best practices;
  • Supporting the entities in order to help them to grow, to develop their offer, their management and steering standards as well as their risk management.
  • The AXA Group’s head office, based in the 8th arrondissement in Paris, accounts for around 804 employees. With 39 nationalities among its staff, a distinguishing trait of the head office is its strong international atmosphere.

    Information Risk Management In the context of growing cybersecurity threats and global information risks, regulators require AXA to get a solid second line of defense to ensure the overall risks are adequately managed and that risk appetite is mastered in that respect.

    Although protection of information is a shared responsibility of all AXA entities, including all AXA employees, agents, and advisors, GRM has set a specific department to guide and control AXA in this effort : Group Information Risk Management (GIRM) is responsible for leading the enterprise's approach for managing existing and emerging risks associated with the stewardship of AXA information.

    The Information Risk Challenge & Advisory team performs challenge and / or advisory (aka second opinion’) reviews on Information risks and vendor risks, independently conducting studies and following-

    up the remediation actions. In that context, the CHALLENGE & ADVISORY EXPERT oversees a portfolio of second opinion reviews on Information risks, independently conducting studies and following-

    up the remediation actions. He / she issues recommendations (if findings are below the risk appetite of the concerned entity) and / or requirements (mandatory implementation by the CxO, shall the risk appetite be overflowed).

    He / she challenges and verify Information cases designed and operated by 1st line of defense, both at a Group level or in specific entities as per plan and oversees its effective remediation to reduce the residual risk exposure.

    Bringing in a strong expertise in IT and / or project management, as well as a risk management perspective, he / she provides highly appreciated advices and reports about information use cases to executive committees and among senior business deciders.

    Its finding being reported by a separate unit of GIRM ( Framework & Report ), he / she acts as a real team player and a role model in AXA values : courage and ONE AXA. Main activities :

  • Manage second opinion process : lead second opinion reviews performed by a risk analyst and perform second opinion reviews : Define the second opinion review scope;
  • Analyze projects, activities, organizations and processes to identify risks; Conduct interviews of the main stakeholders;
  • Define a verification program to assess effectiveness of controls and risk coverage; Write second opinion reports highlighting concerns and providing requirements and recommendations;
  • and Present the outcome of the reviews to senior management. Follow-up of the remediation actions for the concerns raised in the second opinions (recommendations and / or requirements) :

  • As an expert, convince operational management and risk management executives by sharing his / her opinion and its arguments / evidences on projects through assurance or specific governances;
  • As an influencer and advisor, assist entities in implementing a local second opinion process; and
  • As a Group Risk Management team member, contribute to maintain the Group internal control framework on Technology, Data Management and Procurement macro-
  • processes and to animate the Information Risk Management Community :

  • Provide support and assistance to business and entities in support of both Information risk and vendor risk framework, control and reporting activities.
  • Provide an active support in animating the Information risk worldwide community through sharing best practices and technological developments.
  • Qualifications

  • Bachelor’s degree minimum; Master’s degree or relevant certification preferred.
  • Minimum of 7 years’ work experience in information systems, preferably in Financial Services industry.
  • Passionate about technology and disruption trends in a digital world with good understanding of information and technology risk.
  • Strong analytical and organizational skills.
  • Expertise in Technology Risk Frameworks such as ITIL, ISO 2700x, COBIT, ISF, etc.
  • Industry recognized certifications (e.g., CISM, CISA, CRISC, ITIL, CRMA, CIA) are welcomed.
  • Constructive challenging ability in a collaborative environment.
  • Ability to interact with senior management and multiple stakeholders
  • Ability to work within an international and multicultural environment
  • Demonstrate high reliability, quality and timeliness of deliverables
  • Proficient writing and delivery of presentations, documentations
  • Strong communication, negotiation and presentation skills
  • Ability to elicit cooperation from a wide variety of sources, including Group and subsidiaries’ management, business experts
  • Fluent in English.
  • Postuler
    Ajouter aux favoris
    Retirer des favoris
    Mon email
    En cliquant sur « Continuer », je consens au traitement de mes données et à recevoir des alertes email, tel que détaillé dans la Politique de confidentialité de neuvoo. Je peux retirer mon consentement ou me désinscrire à tout moment.
    Formulaire de candidature