Risk Analyst (Information Security)

The RAMP Analyst is an expanding role and entails driving AXA XL's security risk posture. The role includes working with multiple subject matter experts on a wide variety of topics to determine if temporary exceptions to the Information Security Policy are acceptable. Strong communication skills are a must as the candidate will be working with colleagues globally.

The Risk Analyst will work under the responsibility of the Head of IS Services and Risk Management or delegate. The responsibilities of the role will focus on the Risk Acknowledgement and Mitigation Plan (RAMP) process that handles the exceptional noncompliance to the policies and include the following:

• Support the business and IT stakeholders in the creation of RAMPs
• Ensure that created RAMPs are properly formatted and complete to be able to go through the RAMP process without issues & delays
• Communicate weekly on the RAMPs that are new or need a review in the RRG
• Animate the weekly RAMP Review Group
• Maintain a proper audit track on all RAMP associated decisions and act as a secretary for RRG meetings
• Manage and maintain the RAMPs register, a consistent record of all RAMPs raised, their current status, expiry date and details of any mitigation to be carried out and by whom
• Ensure that all Risks Acknowledgement go through due process in a timely manner
• Become familiar with changes to the policy and supporting standards, so that all RAMPs reference the correct risk and RAMP metrics can accurately reflect the overall status.
• Produce monthly reporting to the local IT, Security and Risk governance on the residual risk that were acknowledged / accepted and the most important monitored risks
• Act as a champion for Information Security when dealing with areas of the business, providing assistance with the raising of information risks and explaining current policy as required

We’re looking for someone who has these abilities and skills:

• Master’s degree in Computer Science, Engineering, or related field with a minimum of 5 years of professional experience in Risk Management (Required) and/or Information Security (Preferred)
• Expert in synthesizing and clearly communicating complex information to all audiences up to C-Level leaders (Required)
• Experience in articulating risks in business language and advising on the appropriate risk management action (Required)
• Excellent attention to detail and the ability to create clear, concise and engaging presentations breaking down difficult problems (Required)
• Expert analytical and reporting skills (Required)
• Excellent interpersonal and collaborative skills (Required)
• Expert in Microsoft Office (Word, Excel, PowerPoint, SharePoint) (Required)
• Experience in multinational companies (Required)
• Strong knowledge of Risk management (Required)
• Strong knowledge of Risk management frameworks (ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR) (Required)
• Effective knowledge of Information Security frameworks (Mitre ATT&CK, NIST, ISO 2700X …) (Preferred)
• Experience in information security management reporting and related methodologies (Preferred)
• Information Security and/or Information Technology industry certification (CISSP, CISM, or equivalent) (Preferred)

AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it.

AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic.

At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential.

AXA XL is an Equal Opportunity Employer.