CONTEXT:

Throughout AXA, the security community represents 1000 security professionals, working daily to protect our employees, customers, operations and brand. Our operating model gathers the three security disciplines Information Security, Operational Resilience and Physical Security & Safety. Our security mission is to ensure that AXA is safe, secure and resilient.

AXA Group Security, as part of AXA GO, defines the security strategy, standards and provides assurance to the Group on the security maturity of all entities across AXA. In its role, it also supports our professional family in entities in maintaining their security posture and respond and coordinate responses to crisis.

This is accomplished through four strategic levers:

Safe: It is about our people, have them ready to face security challenges including third parties, health professionals

Secure: Secure the business of today and tomorrow, by increasing security effectiveness on a risk-based approach for all entities.

Resilient: Enhance anticipation, detection and reaction capabilities in case of events & Security by design

Simple: Simplify, converge and automate our services and activities

The Cyberdefense Product and project team is responsible for creating and updating the tactical product roadmap, managing the operations of the security products, in addition to enhancing product capabilities to execute the strategy defined by Group Security and deliver Cyber products to the AXA entities.

The Cyberdefense Product team oversees:

• The management and the evolution of existing class 1 (mandatory) products named Public Cloud Security Tower
• A product is the combination of a Team, supporting information security Processes, operating a technology (compliance scanning tools).

Our missions are to:

• support our business strategy and digital transformation, AXA is setting up a new information security practice to ensure a coordinated response to the increasing threat of cybersecurity in Cloud environment (Public and Private)
• The team performs and scheduling compliance and vulnerability scans on AXA network activity and infrastructure and generating reports to different teams (such as server admins, network administrators in order to mitigate scanned vulnerabilities).

Our goals are to:

• Deliver Security compliance measurement to AXA group
• Improve remediation activities using automation and technology
• Deliver high quality services to AXA group

DESCRIPTION:

As Product owner, you will: 

• Develop and adapt products vision and roadmap in collaboration with the product manager and by discussing with customer / end-users 
• Manage the product backlog, such as new feature and improvement, its delivery and its quality
• Help evaluate business value and benefits
• Determine whether a product backlog item was satisfactorily delivered 
• Contribute to Epic, Feature, User stories definition and progress tracking
• Follow the day-to-day LOA (run) organization, blockers, and prioritization of the team with the support of the Product Manager
• Be a leader for the team and for AXA in term of expertise on the product technology and IS security process, aka Security Compliance management (CIS Benchmark, Cloud Security Compliance)
• Ensure transparency into the upcoming work of the team 
• Involve all relevant stakeholders (architecture, entities, security, data privacy etc.) to ensure technical feasibility 
• Coordinate internal resources and third parties/vendors for the flawless execution of projects 
• Ensure resource availability and allocation and execution (in collaboration with product manager)
• Raise alert and identify solution to ensure on time delivery  
• Evangelize within and outside AXA about the solutions you develop and market them accordingly
• Regular reporting of progress, risks, and issues towards the product manager and other stakeholders
• Participate to Product governance and meetup

TEAM STRUCTURE:

The team is led by one Product manager, and 3 people (FTE) for the LOA (run) activity and about 3-4 people part of the team on dedicated strategic project.

We are looking for a team member that will support Cyberdefense Product manager as technical lead and product owner role.

One of our target is to stay at the “state of art” of security while helping the team to be more agile.

Experience:

• Hands-on experience with Security compliance management tools (e.g. Tenable, Qualys, CIS, Azure, AWS, etc.) (required)
• Understanding of Hardening controls based on Security Industry Standards, such as CIS Benchmarks (Windows Server, Redhat Linux, AWS, Azure) (required)
• Work Experience in Private and Public Cloud Security (mandatory)