Security Risk Analyst

AXA XL

Gurgaon, Haryana
Permanent
Full-time

13 days ago

AXA XL is a new division of AXA and is the result of the recent merger of the former entities XL Catlin, AXA Corporate Solutions/Matrix, AXA Art and AXA Insco. The organization has as an objective to centralize enterprise security risks, effectively record them, qualify/quantify them, manage them to keep them within appetite and report on them regularly. The Security Risk Management methodology is composed of various parts, like the Data Classification and The line of Business Risk Assessment which records the most important information assets from the Line of Businesses and their associated Security risks. The Application Risk Assessment measures the frequency and impact of the Security Risks of the applications holding valuable AXA XL data. The Risk Acknowledgement and Mitigation Plan (RAMP) process records information-related risks and seeks to obtain business ownership of them. Individual RAMPs are reviewed by the RAMP Review Group (RRG), which agrees on deadlines for mitigation or even to escalate the final decision to higher committees within AXA XL. Security is the owner of this program and is responsible for all the associated tasks which make the process work. Security is expected to drive the different initiatives associated with the program, report on them and regularly synthesize them as a single report for up to C-Level leaders for decision. The Risk Analyst will work under the responsibility of the Head of IS Services and Risk Management or delegate. The responsibilities of the role will focus on the Application Risk Assessment process that evaluates the risks induced by the application systems.DISCOVER your opportunityWhat will your essential responsibilities include?· Support the business and IT stakeholders in the creation of Application Risk Assessments (ISARA).· Act as a liaison between IS, IT and business stakeholders to evaluate the risks associated with applications.· Help prepare and format the ISARA in the associated tools.· Identify the key information about the application & perform the application impact assessment.· Perform a control assessment and evaluate the effectiveness of the controls.· Rate the identified risks and update the global methodology.· Propose remediation actions and define an action plan.· Monitor the remediation of the risks in the risk register.· Review the most important changes to Applications and ensure those changes have been updated into their ISARAs, and monitor any new risk identified.· Communicate weekly on the top identified risks that are currently monitored.· Ensure up-to-date Information Security risks metrics are ready to be distributed as required.· Produce monthly reports to the local IT, Security and Risk governance on the residual risks that were acknowledged/accepted and most importantly monitored risks.· Act as a champion for Information Security when dealing with areas of the business, providing assistance with the raising of information risks and explaining current policy as requiredYou will report to the Information Security Specialist.QualificationsSHARE your talentWe’re looking for someone who has these abilities and skills:Required Skills and Abilities:· Fluent in English (Required).· Master’s degree in Computer Science, Engineering, or related field with a minimum of 5 years of professional experience in Risk Management (Required) and/or Information Security (Preferred).· Expert in synthesizing and clearly communicating complex information to all audiences up to C-Level leaders (Required).· Experience in articulating risks in business language and advising on the appropriate risk management action (Required).· Excellent attention to detail and the ability to create clear, concise and engaging presentations breaking down difficult problems (Required).· Expert analytical and reporting skills (Required).· Excellent interpersonal and collaborative skills (Required).· Expert in Microsoft Office (Word, Excel, PowerPoint, SharePoint) (Required).Desired Skills and Abilities:· Experience in multinational companies (Required).· Effective knowledge of Risk management (Required).· Effective knowledge of Risk management frameworks (ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR) (Required).· Effective knowledge of Information Security frameworks (Mitre ATT&CK, NIST, ISO 2700X …) (Preferred).· Experience in information security management reporting and related methodologies (Preferred).· Information Security and /or Information Technology industry certification (CISSP, CISM, or equivalent) (Preferred).FIND your futureAXA XL, the P&C and speciality risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it.How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and speciality.With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.Learn more atInclusion & DiversityAXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic.At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and reach their highest potential. It’s about helping one another — and our business — to move forward and succeed.

Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe
Robust support for Flexible Working Arrangements
Enhanced family-friendly leave benefits
Named to the Diversity Best Practices Index
Signatory to the UK Women in Finance Charter

Learn more at . AXA XL is an Equal Opportunity Employer.SustainabilityAt AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations.Our Pillars:

Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society – are essential to our future. We’re committed to protecting and restoring nature – from mangrove forests to the bees in our backyard – by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans.
Addressing climate change: The effects of a changing climate are far-reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions.
Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting.
AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day – the Global Day of Giving.

For more information, please see axaxl.com/sustainability.

AXA XL

Apply Now