Compliance Lead

AXA is becoming a sustainable techled company and at AXA Group Operations we are one of the major catalysts for this transformation. We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation driving its concrete implementation globally at speed with a high quality of advisory and . We are present across 17 countries with committed highly qualified teams. We leverage technology data sourcing security and investment allocation in a global way but also achieve economies of scale and synergies when necessary. At AXA Group Operations we want to be recognized in three fields of action: Stateoftheart Data Technology to drive customer experience Stateoftheart Procurement & Sourcing to drive efficiency and better manage risks HighPerforming Global Team for stronger partnerships with AXA entities

Your Profile :

What youll need to succeed in this role :

• At least 6 years of professional working experience in a similar position in Insurance or
  banking (or in a highly regulated environment)
• A university degree ideally in the fields of information technology computer science
  information security or a related field
• Be familiar with applicable insurance regulations and how they impact IT department.
  Internal
• Strong interpersonal skills and the ability to develop effective trustworthy relationships
  with the business stakeholders and GIE SMEs (CSO DPO)
• Staying aware of Information Security current affairs business continuity data
  management security and encryption and vulnerability analysis and audit
• Excellent communication skills both written and verbal to be able to articulate complex
• IT risks in simple business terms.
• Excellent problem solving and selfmanagement skills to solve technical problems
  tactically and analytically and successfully handling management information and
  metrics design collection analysis reports etc
• Advanced knowledge of organization technology controls security and risk issues
  Demonstrated ability to participate in complex comprehensive or large projects and
  initiatives.
• Ability to serve as a lead expert resource in technology controls and information security
  for project teams the business and outside vendors.
• Audit or controls background Big Four experience are a plus.
• Experience with Key Risk Indicators and Technology Risk reporting is a plus. Recognizedcertification in Information Security such as: Certified Information Security Manager
  (CISM) Certified Information Systems Security Professional (CISSP) or CRISC are a plus.

As a worldleading insurance company we act for human progress by protecting what matters. With 153000 employees in 54 countries working with 105 million customers weve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values and together were nurturing a culture of respect for each other for our customers and the communities around us. Join AXA and youll feel like you belong are included and can thrive. Youll be able to shape the way you work and truly grow your potential as you seek out new opportunities push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.

We bring together the expertise cultural diversity and creativity of over 8000 employees worldwide and were committed to equal opportunities in all aspects of employment (gender LGBT disabled persons or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect and where individual differences are valued.

IT Compliance and Risk lead

Whatever their stage of life we provide over 108 million customers with the products and
services they need to progress. From insurance to personal protection and savings to wealth
management no matter the need were always there for them. And were always there for our
employees. In 50 countries we work hard to inspire pride and a sense of belonging in our
people. To provide opportunities that challenge them inspire them and reward them. And to
create a culture thats open supportive and empowering. Because we know thats the real
secret to success and the best way for us to keep building a better world for both our
customers and the talented people who put them first.

Your work environment:

The division

• Group CIO creates the link between technology and business strategy and priorities defines
  the technology operating model for AXA sets global and local architecture applications and
  infrastructure standards and leads the definition and of global technology strategy
  and technology lifecycle to enable innovation and business growth.
• Within the Group you will join the AXA GO CIO department. The IT Department aims to drive
  the digital transformation of the GIE (local and corporate functions) promoting and deploying
  innovative IT solutions aligned with the Groups strategy. The department serves as a true
  partner to the business functions providing support and guidance.
• Within this Department you will be part of the Governance & Performance team in charge of
  the operational and strategic management of IT services global programs finance workforce
  Governance Risk and compliance.

Your job and daily missions:

You will work closely with the Head of Governance and Compliance to secure information
create and implement strategies to minimize the variety of risks that could threaten the key
information. Moreover youll partner with the business to continually assess and identify
potential risks evaluating them to ensure that they are appropriately mitigated through properly
implemented policies procedures training systems and controls.

CONTEXT AND MAJOR CHALLENGES

The insurance sector is subject to a complex and constantly evolving regulatory framework
including regulations such as the Digital Operational Resilience Act (DORA). At the same time
the rapid development of digital technologies and the rise of cyber threats have increased the
complexity of risks facing companies.

In this context the profile of the IT Compliance and Risk Lead must be able to meet these
challenges by developing and implementing compliance and IT risk monitoring strategies
adapted to this complex regulatory environment and constantly evolving cyber threats. They
must be capable of maintaining constant regulatory and technological monitoring collaborating
with internal and external stakeholders and advocating for innovative security practices and
tools to mitigate risks and ensure compliance with regulatory requirements.

Key Accountabilities :

• Monitoring and managing the IT systems to ensure that they are secure.
• Ensure that IT control framework for the activities under the CIO responsibilities are
• aligned to the global framework when relevant and undertaking the risk reviews.
• Identifying potential regulatory and nonregulatory IT risks through thorough and ongoingrisk assessments with relevant business leads
• Assisting in finding practical and costeffective solutions on risk issues.
• Building and maintaining strong and positive working relationships and effective means of communication with other GIE department (CSO DPO Information Risk Management) and AXA GO
• Providing direction and guidance in the development implementation and communication of risk related policies and standards
• Working in relation and conformity with internal and external auditors
• Providing guidance to employees colleagues and/or governance stakeholder
• Providing aggregated risk and controls supervision measurement and reporting
  activities.
• Actively engaging in endtoend risk remediation planning resolution and monitoring
  activities.
• Monitoring key milestones escalation of past due activities problem triage and
  management and archiving key monthly artifacts for audit purposes.
• Develop ongoing technology risk reporting monitoring key trends and defining metrics
  to regularly measure control effectiveness.
• Leading the IT Business Process Improvement and contribute to the review of internal
  processes and activities and identify potential opportunities for improvement.
• Adhere to advise oversee monitor and enforce enterprise frameworks and
  methodologies that relate to technology behavior to reduce risk and foster a strong technology risk management
  culture throughout GIE AXA