IT Security operations sr. managerAXA MANDIRI FINANCIAL SERVICES

Job Description
. Implement and adhere to the requirements of the AXA PH Information Security Policy.
. Reinforce and support the policy statements through security related policies and
standards & Operations, Applications & Data and Infrastructure.
. Coordinate cybersecurity activities with Group Information Security
. Monitor cybersecurity regulatory landscape applicable to the Business Unit
. Measure, assess and report on technology risk and cybersecurity
. Determine appropriate security measures for IT systems.
. Design and implement appropriate security measures in technology solutions and daily operating procedures of other IT line functions.
. Ensure technology risks are appropriately managed by other line functions and appropriate action plans in place to address non-compliance issues are timely addressed.
. Ensure sufficient security controls are implemented in AXA PH IT systems within the
team's responsibility area in accordance with the requirements of the AXA PH Information Security Policy
. Raise the profile of the IT Security & Compliance function across the Business Unit Leadership, with special emphasis on awareness of the implications of cybersecurity incidents and risk
. Align information security controls with business strategy and objectives.
. Monitor cybersecurity incidents across the Business Unit, as subject matter expert in the Local Incident Management Team and close coordination with Group Information Security
. Representative of the Business Unit for the assessment of local regulatory requirements applicable to information security.
. Provide value added services and become a business partner and growth enabler to the business by providing advisory to business leaders.
. Ensure information security principles have the right balance of data protection and
ease of doing business.
. Help build and nurture a local business unit IT security and compliance team
. Implement training content from the group wide information security content.
. Participate in the group information security forum to ensure perspective is adequately factored in.
. Leads, trains and manages IT Security officers and PBHs
The following information security domains and corresponding activities must be properly executed and monitored to ensure achievement of the expected outcomes.
Cybersecurity(SOC)
Vendor Selection
Surveillance
Threat prevention and detections
Incident analysis and investigation
Threat or attack response
Recovery and remediation
Compliance and risk management
Log collection and aggregation
Coordination with AXA SIRT
Infrastructure Security
Endpoint Security Compliance
Network Security Compliance
Cloud Security Compliance
External PenTest and Vulnerability Assessment
Update Application List for VAPT Scanning
Review and Validate VAPT Scan report
Disseminate Scan Report
Monitor PenTest & Vulnerability Remediation
Annual Penetration Testing Scheduling
Internal Vulnerability Assessment
Update Application List for VA Scanning
Review and Validate VA Scan report
Disseminate Scan Report
Monitor Vulnerability Remediation
Application Security
Software assessment and security controls
WAF onboarding
DigitalHub monitoring and management
Cyrptography capabilities
Review and involvement on projects
Security Configuration Compliance
Server Security Patch compliance
Workstation Security Patch compliance
DLP Compliance
AIP Compliance
OS/DB Hardening Compliance
Patch Deployment Compliance
Identity and Access Management
Privilege ID Management
Governance
Security Tollgate
Attend to project meetings
DRF review and approval
Technology Issue Management
RAP review and monitoring
Audit (SPOC External/Internal)
Attend to audit meetings
Collect, Review and Submit requested artifacts
Respond to inquiries
Audit issue compliance/closure
Team Management
Leads, trains and manages IT Security officers and PBHs
Provides first line supervision to SOC Lead
Management oversight for the identification, triage, and response of events/incidents of security breaches
Reviews and reports team performance to T&T Leadership Team
Provides timely and constructive feedback to teams
The position holder may be asked to perform additional tasks and provide information deemed necessary for the Leadership Team to be able to manage and decide upon Information Security Risk matters.
Your Profile
10+ years of information security and technology risk management experience in complex environments, preferably in insurance or financial services sector.
Deep and broad technology understanding on the security platforms including application security, network security, identity and access management and devices security in addition to underlying infrastructure
Proven experience in managing security functions from an implementation and incident response perspective
Critical thinker, natural leader and deal shaper from technology/enterprise perspective with experience managing and mentoring diverse cross-cultural teams within complex environments
Understand the complexities and challenges of the organization, integrated processes, information and technologies in order to develop future-state models to best realize organizational strategies
Excellent communication skills with ability to influence and partner with key internal and external stakeholders
Innovative self-starter, highly motivated, business savvy with strong people skill
A degree or post-graduate degree in Computer Science or MIS, a holder of professional IT security qualifications: CISSP, CISM or similar is an advantage
About AXA
A global leader in insurance and investments, AXA takes care of 103 million lives in 64 countries worldwide. We actively invest in pioneering and personalized solutions to meet your ever-changing needs and exceed your expectations. In the Philippines, we are in partnership with Metrobank, one of the country's strongest banks.
About the Entity
Established in 1999, AXA Philippines is one of the largest and fastest growing life insurance companies in the country. It offers financial security to more than one million individuals through its group and individual life insurance as well as general insurance products through its subsidiary Charter Ping An.
AXA Philippines is one of the first to introduce bancassurance operations in the country, and is among the pioneers in the investment-linked insurance sector.
AXA now offers a complete range of products for all its customers insurance and financial protection needs, including savings and investments, health plans, income protection, and health coverage and through its general insurance subsidiary Charter Ping An Insurance Corporation: fire, motor car, marine cargo, personal accident, bonds, casualty, and engineering insurance products.
AXA Philippines closed 2017 with P26.4 billion in total premium income and P5.7 billion in gross written premiums from Charter Ping An. Today, AXA has more than 4,000 financial advisers in 36 branches, and 700 financial executives in over 900 Metrobank and PSBank branches nationwide. Charter Ping An, on the other hand, has 22 branches nationwide and 2,007 agents.
AXA Philippines is a joint venture between the AXA Group, headquartered in France, and the Metrobank Group, one of the largest financial conglomerates in the Philippines.
The Metrobank Group is a conglomerate of industry-leading businesses that includes First Metro Investment Corporation, Metrobank Credit Cards, Federal Land, Toyota, and Manila Doctors Hospital. It was hailed Best Bank in the Philippines in 2010, 2011, and 2012 by Euromoney and recognized as the strongest bank in the Philippines by The Asian Banker in 2013. It is owned by the Ty Family whose major business interests include financial services, real estate development, power, and manufacturing.
What We Offer
Please visit for more information.