Senior Specialist – Third-Party Assurance
India
At AXA XL we solve today’s complex risks to drive tomorrow’s innovation. We see our careers with AXA XL as a chance to unleash our potential globally. Cultivate expertise. Collaborate constantly. Analyze deeper. Dream bigger.
We are looking for an individual who has well-defined skills in technology and communication who will be a proactive contributor to the Third-Party Assurance Team and aid in upholding the AXA XL security policies and global Information security regulations through the execution of Third-Party Information Security Assessments. You will have a vested interest in learning the AXA XL’s Third-Party Assurance Team’s procedures and be a valued member of a global team.
You will be based in our newly refurbished Ipswich office, however, we are excited to be implementing our Smart Working initiative in the coming months offeringa hybrid way of working, combining both remote and office working.
DISCOVER your opportunity
What will your essential responsibilities include
Essential Responsibilities:
.Ensure that AXA XL Third-Party Assurance standards are met for all Third Parties that are hosting or handling AXA XL data, and/or connecting to the AXA XL network.
.Possess a working knowledge of the sources from which AXA XL standards are derived: AXA XL’s Internal Information Security Policy, The New York State Department of Financial Services Cybersecurity Regulations (NYDFS), and Data Privacy laws (including GDPR).
.Assess each third party based on their situations and the risk that the data loss would pose to AXA XL or AXA XL’s customers, including the type of data involved, the Third Party’s processing activities, the applicable jurisdiction, etc.
.Provide expertise and consultancy covering all aspects of AXA XL’s Information Security infrastructure and policies.
As a Senior member of the team, responsibilities: include the below in addition to:
.Oversight of key team milestones/projects
.Training and support of team members
.Support in report generation for management/regulatory/audit inquiries
Third-Party Assurance Team responsibilities:
.Engagement in the Information Security Review Team’s Third-Party Governance Business Partner Risk Evaluation Platform (BPREP) tool.
.Provide ongoing assistance and education to the Third Party throughout the BPREP process, including but not limited to:
oAttend meetings as needed to aid in the completion of the questionnaire, and address questions and concerns.
oCommunicate with Third Parties in a timely proactive manner to meet internal workflow timelines.
.Evaluate the answers and documentation provided by Third Parties to determine regulatory and internal policy compliance of the proposed vendor’s network environments. Documentation may include but is not limited to the following:
oThird-party Information Security policies.
oIndependent Control Assessment Report (SSAE18, ISAE3402, Cyber Essentials, etc.).
oThird-party penetration test/ethical hack results.
oVulnerability scan results.
oOther control documentation and/or attestations.
.Knowledge of various internal tools and software to ensure the Confidentiality, Integrity, and Availability of AXA XL data. Such tools may include but are not limited to SAI BPREP application, Cyber Risk Analytics, Data Breach Calculator, TLS Checker
.Autonomy to develop and provide detailed assessments to Third Parties and business stakeholders identifying the potential deficiencies and mitigation steps required to be taken to meet the minimum AXA XL Security requirements.
Third-Party Assurance Contract Negotiation responsibilities:
.Collaborate with Procurement, Legal, Data Privacy, Business Stakeholder(s), and/or other internal parties to assist in the successful and timely execution of new agreements, renewal agreements, and/or amendments to existing agreements.
.Ensure proper AXA XL Security Language is present in the relevant agreement.
.Discretion and ability to negotiate the language by the AXA XL Security requirements.
.Autonomy to manage the deficiencies found during the BREP review and determine mitigation actions in support of the AXA XL Risk Acknowledgement and Mitigation Plan (RAMP) filing process.
.Comply with the AXA Group vendor risk framework through the contract management solution Contract In.
You will report to the Third-Party Assurance Team Lead.
SHARE your talent
We’re looking for someone who has these abilities and skills:
Required Skills and Abilities:
.Excellent communication skills, written and verbal.
.Ability to manage process workflow, participant expectations, conflict resolution, and project management skills are critical to success.
.Confident and successful negotiator.
.Ability to effectively work with and contribute to a close-knit team while also being a self-starter is critical to success.
.Organizational and time management skills and the ability to manage multiple reviews and tasks at the same time are essential.
.Ability to research, and further develop skills in applicable areas of Information Security is essential.
Desired Skills and Abilities:
.Understanding the security impact and implementation of the triad (confidentiality, integrity, and availability) on data networks and the appropriate risk model to present to business management are key ingredients to this position.
.Information security or IT background is preferred and/or related practical experience, which could include a working knowledge of the following security services and tools:
oCISSP domains and knowledgebase
oISO 2700 suite of standards
oVulnerability scans/scanners
oEthical Hack/Penetration tests
oIntrusion Prevention Systems/Intrusion Detection Systems
oFirewall technologies
oCloud Security
oAccess Control
oEncryption
oSIEM
oData Loss Prevention
oMicrosoft Office
FIND your future
AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals, and even some inspirational individuals we don’t just provide re/insurance, we reinvent it.
How By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines, and specialty.
With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.
Learn more at
Inclusion & Diversity
AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic.
At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance, and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential.
Learn more at . AXA XL is an Equal Opportunity Employer.
Sustainability
At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called Roots of resilience, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations.
Our Pillars:
For more information, please see axaxl.com/sustainability.
Greetings, PLEASE READ THE JD BEFORE APPLYING Anyone want to start a carrier after long break or fresher or non...
Apply For This JobJob Description Job Description: About Us At Bank of America, we are guided by a common purpose to help make...
Apply For This JobJob Description What impact will you make Every day, your work will make an impact that matters, while you thrive...
Apply For This JobJob Description Job Description About Oracle Cloud Applications are the world’s most complete and integrated suite of enterprise SaaS applications....
Apply For This JobJob Description With a startup spirit and 115,000 + curious and courageous minds, we have the expertise to go deep...
Apply For This JobJob Description Role (Designation) Architect – Customer Identity and Access Management (CIAM) Desired Competencies (Technical/Behavioral Competency) Technical Thorough understanding on...
Apply For This Job