Detection Engineering Lead

JOB ENVIRONMENT

With over 102 million customers in 56 countries AXAs strong global franchises and three lines of expertise Property & Casualty Life & Savings and Asset Management provide a distinctive business portfolio. As a company whose business is to protect people we have a responsibility to leverage our skills resources and risk expertise to build a stronger and safer society. To achieve our mission we are committed to redefining the standards of our business so that we truly differentiate ourselves and earn the trust of our key stakeholders.

As an integral part of AXA at AXA Group Operations (AXA GO) we create innovative technology and data solutions to help AXA fulfil its ambition of being a customerfocused techled company. AXA GO is a young and dynamic division launched in 2019 and comprises 8000 employees across 17 countries all around the globe from Paris France to Pune India. We are the ones providing advice steering technological choices and giving AXA access to innovations that will support its transformation into a customercentric techled company. For this we work in close partnership with all AXA entities.

PRESENTATION OF THE CONTEXT AND AXA GROUP SECURITY

Throughout AXA the security community represents 1000 security professionals working daily to protect our employees customers operations and brand. Our operating model gathers the three security disciplines Information Security Operational Resilience and Physical Security & Safety. Our security mission is to ensure that AXA is safe secure and resilient.

AXA Group Security as part of AXA GO defines the security strategy standards and provides assurance to the Group on the security maturity of all entities across AXA. In its role it also supports our professional family in entities in maintaining their security posture and respond and coordinate responses to crisis.

This is accomplished through four strategic levers:

Safe: It is about our people have them ready to face security challenges including third parties health professionals

Secure: Secure the business of today and tomorrow by increasing security effectiveness on a riskbased approach for all entities.

Resilient: Enhance anticipation detection and reaction capabilities in case of events & Security by design

Simple: Simplify converge and automate our services and activities

CYBER DEFENSE

Within Group Security the Cyber Defense department provides the entities and markets with first line of defense services. Under Cyber Defense Security Operations Center (Security Operations Centre) is designed to prevent detect and react to cyber threats.

POSITION MAIN ACTIVITIES

Security Operations Center (SOC) delivers the following capabilities to the AXA entities around the globe: Security Incident Detection Threat Hunting Security Incident Response and Threat Intelligence.

The Detection Engineering Lead is a critical role within our Global SOC responsible for leading the development implementation and optimization of advanced detection capabilities. This role requires deep expertise in threat detection security technologies and leadership to drive the SOCs mission of protecting the organizations digital assets. The successful candidate will work closely with crossfunctional teams focusing on designing and implementing effective detection strategies that can anticipate and mitigate threats in a dynamic and complex global environment. Collaboration with dedicated threat hunting and incident response teams is key to ensuring seamless operations.

Key Responsibilities

Detection Strategy Development: Lead the creation refinement and delivery of detection strategies that address both current and emerging threats across the global organization

Detection Engineering: Design implement and optimize detection use cases rules and algorithms within SIEM EDR and other detection platforms

Collaboration with Threat Intelligence Teams: Timely leverage actionable threat intelligence for designing better detections and continuously improving them

Collaboration with Security and Detection Teams: Ensure Security Analysts have the necessary information and means to properly analyse alerts from detections delivered

Collaboration with Threat Hunting Teams: Partner closely with dedicated threat hunting teams to share insights and refine detection capabilities based on their findings and intelligence ensuring that detection strategies remain proactive and responsive to emerging threats

Collaboration with Incident Response Teams: Work closely with incident response teams by providing them with robust detection capabilities and ensuring that the tools and techniques in place are effectively identifying and categorizing threats for timely response

Automation & Orchestration: Lead efforts to automate detection processes and integrate advanced detection techniques using SOAR platforms

Collaboration & Communication: Work closely with global SOC analysts IT and business units to ensure alignment of detection capabilities with business priorities and risk profiles

Leadership & Mentorship: Lead and mentor a team of detection engineers and experts fostering a culture of continuous improvement and innovation

Metrics & Reporting: Develop and report on key performance indicators (KPIs) related to detection efficiency effectiveness and coverage to senior management

Technology Evaluation: Stay abreast of emerging technologies and trends in cybersecurity leading the evaluation and implementation of new tools and techniques that enhance detection capabilities

Compliance & Best Practices: Ensure that detection strategies and operations comply with relevant regulations standards and b

Scope: All AXA entities

Team structure: Security Operations Center comprises of Security Monitoring and Detection Security Incident Response & Forensics Platform Management Lifecycle & Integration and Quality Assurance teams.

Stakeholders:

Internal actors: Group IT and Cyber Defense teams Group Security Entities Group Procurement Group Finance GO Markets GO Partnership Office Security Operations Center operational teams

External actors: vendors professional bodies industry peers

As a worldleading insurance company we act for human progress by protecting what matters. With 153000 employees in 54 countries working with 105 million customers weve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values and together were nurturing a culture of
respect for each other for our customers and the communities around us. Join AXA and youll feel like you belong are included and can thrive. Youll be able to shape the way you work and truly grow your potential as you seek out new opportunities push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.

PROFILE SKILLS & COMPETENCIES

Experience

Experience in Information Security > 8 years

Experience in a similar role > 2 years

Education

University degree in information security or equivalent work experience

Skills and Competencies

Analytical Mindset: Strong analytical and problemsolving skills with the ability to think critically and identify patterns in complex datasets

Leadership and Teamwork: Excellent leadership abilities with a proven track record of building and developing highperforming teams

Communication: Strong verbal and written communication skills with the ability to articulate complex technical concepts to nontechnical stakeholders

Adaptability: Ability to work in a fastpaced environment and adapt to evolving threats and technologies

Proactive Attitude: Strong sense of initiative with a proactive approach to identifying and mitigating security risks

Global Awareness: Understanding of global cybersecurity regulations and standards particularly in the insurance industry