Axa
SOC INTEGRATION LEAD
Job Location
Job Description
Our mission at AXA is to empower people to live a better life. We have to move from a perceived payer of claims to a strong partner in life for our customers. Thus, our role as Group Operations must be to support and to empower all AXA teams in the best way to achieve together this meaningful aspiration.
The most powerful levers to achieve this can be summarized as Innovation and Execution, and will drive all Operations teams:
- Innovation: To create and provide the prerequisites and opportunities for all AXA teams to develop leading innovative solutions for the needs of our current and future customers.
- Execution: To create an environment which allows our teams all over the world to bring their ideas to reality and make our strong promise to the customers happen.
Our concrete goals are to:
- Reinforce and realize our value creation for the global AXA organization;
- Support and foster innovation across AXA in a close alignment and teaming with Group Business Innovation;
- Embed simplicity and empowerment in our day-to-day working as well as ensure that we contribute to AXA’s mission and strategy.
CYBER DEFENSE
Under Group Security, the Cyber Defense department provides entities with first line of defense services to protect, detect and react to Cyber Threats and Attacks and deliver IT Security Products.
Within Cyber Defense, the Security Operations Center (SOC) is designed to prevent, detect and react to cyber threats.
The Security Operations Center (SOC) delivers the following capabilities to the AXA entities around the globe: Security Monitoring and Detection, Security Incident Response and Threat Intelligence. Two transversal services of the SOC, the Log Onboarding Factory and the Use Case Factory, increase coverage and overall detection capability.
The Log Onboarding Factory provides a mechanism to ensure that AXA entities have the right log sources monitored by onboarding new assets in line with the log monitoring requirements (to cover critical assets) and updating the log monitoring scope following periodical assets inventory review.
As part of the Log Onboarding Factory, the SOC Onboarding & Integration Specialist will be in charge of the following activities:
- Onboarding logs following the log onboarding guidelines and process:
  - Identifying prerequisites for log sources to be onboarded (technology, versions, etc.)
  - Defining the connectors setup and ensuring the setup of all IP configurations.
  - Requesting and following up on the opening of the necessary firewall flows.
  - Providing guidance on configuring the source devices according to the logging standard.
  - Validating that events from log sources are received and troubleshooting when necessary.
  - Communicating on the progress and blocking points.
- Formalize and maintain documentation for log sources onboarding:
  - For new technology, gather relevant information from the configuration guides related to the log sources technology and from the contacts managing the platform.
  - Based on the collected information, define with the Security Monitoring and Detection and Security Incident Response teams the relevant logs to be collected.
  - Document and maintain the logging standards, the connectors configuration and the mapping tables.
- Manage the delivery of entities onboarding demands and ad-hoc projects:
  - Drive end-to-end log onboarding demands/projects in coordination with entities, project stakeholders and the third-party log onboarding team: understand the onboarding requirements, manage prioritizations and capacities.
  - Ensure the delivery from the third-party log onboarding team is in line with the onboarding requirements, including relevant documentation.
  - Participate in demand requests and projects as a subject matter expert contributing to proposal, scoping and solution design.
- Liaise with the SIEM Platform Management team to ensure continuous integration within the AXA environment:
  - Enable the information exchange and communication flow among the teams that implement SIEM Platform configuration changes.
  - Perform tracking and documentation of all the change activity (i.e. onboarding, connector configuration adjustment, etc.).
  - Perform regular coordination to exchange information on the planned onboarding, identified issues, etc.
Scope: All AXA entities
Team structure: The Security Operations Center comprises the Security Monitoring and Detection, Security Incident Response & Forensics and Configuration & Development teams.
Stakeholders:
- Internal actors: Group IT and Cyber Defense teams, Group Security, Entities, Group Procurement, GO Markets, GO Partnership Office, Security Operations Center operational teams.
- External actors: third party log onboarding team, vendors, professional bodies, industry peers.
DIMENSION
☐ Local ☐ Regional ☑ International
PROFILE, SKILLS & COMPETENCIES
Experience
- Experience in Information Security > 5 years
- Experience in IT > 5 years
Education
- A Degree in Computing, IT or Engineering
Skills
- Experience with SIEM technologies and log onboarding
- Good knowledge of Linux and Windows environments
- Willingness to learn and understand new technologies
- Ability to function effectively in a matrix structure
- Team player
- Professional and positive approach
- A can-do attitude and willingness to go the extra mile when required
- Cross cultural sensitivity, flexibility
- Fluent in English
Location: Paris, FR
Posted Date: 11/22/2024
Contact Information
Contact: Human Resources Axa