Corporate Security Consultant (ISO 27001)

Remote, MA

Corporate Security Consultant (ISO 27001)

PRIMARY LOCATION : REMOTE

Reports to: Chief Risk Officer
Internal actors: Expected to interact with Local Information Security, Operational Resilience and Physical Security & Safety Teams. Peer Security officers and Corporate CSO
External actors: Expected to interact with professional organizations, external audit, peers

Understand SOC 2 inside and out
Negotiate with compliance teams to show that control objectives meet internal controls.

Job purpose

Support C-CSO in ensuring that security is implemented within the scope in accordance to Group Security Strategy and Framework
Contribute to the development and implementation of a consistent approach to all security topics within the scope, including Information Security and/or Operational Resilience and/or Physical Security and/or Health & Safety
Support C-CSO in providing 2nd line of defence governance and oversight of all security activities within the Market/area of responsibility
Support C-CSO in the oversight of the local security budgets (oversight and execution) and for managing the CSO communities in the Market
Identifies entity strategic requirements and supports the definition of the AXA Group security strategy, framework, operating model and capabilities, bringing expert knowledge, skills, experience, best practice and innovation to enhance security and improve security maturity throughout the Group
Support Crisis Coordinators in place for all entities and when required provides professional support to the Market Leadership Teams, Entity and Group Crisis Management Teams - coordinating the response to multi-entity crises as required
Support the process of security targets setting of his/her entities and monitors the achievement
Ensures alignment/coordination between the entity (CXOs and CSOs) and Group Security

Key responsibilities

Collaborate with and support the Group Security Practice and other stakeholders as necessary to ensure that security within the local entity is relevant, cost-effective and is delivered in accordance with the Group Security Strategy
Serve as an expert advisor to local security management of the local entity in the implementation and maintenance of security
Support the implementation of security strategy, policies, shared security services and action plans based on the Group Security Strategy
Support the development, implementation and successful execution of security operations not offered by security shared services at the local entity