Cyber Assurance Technical Project Manager

Ipswich, UK

AXA XL is an Equal Opportunity Employer.

As a Cyber Assurance Technical Project Manager you will provide expertise and consultancy covering all aspects of AXA XL's Information Security and policies. You will interact with IT representatives to ensure adherence to corporate and information security policies. You will have skills to provide expert level assurance in penetration testing and vulnerability assessments. The ability to manage business and IT expectations, compliance, and Security requirements are critical to success.

You should also have the ability to manage a small team / vendor resources for tasks assigned by Cyber Assurance Program Managers. Each Technical Project Manager will be responsible for oversight of a subset of annual penetration tests. This includes planning, execution and closure tasks (i.e Scoping, ensuring all prerequisites are in place, tests run on schedule, reports received, remediation advice is clear, setting up post test calls) to ensure AXA XL can meet its testing goals.

Knowledge of the security impact and implementation of the triad (confidentiality, integrity, and availability) on applications and the appropriate risks to present to business management are key ingredients to this position. To that effect, you should be a CISSP or be able to obtain the same certification within two calendar years.

You will be required to understand completely the risk associated with various vulnerabilities, technologies and their delivery and service mechanisms supporting the infrastructure and business. In conjunction with the above, you must understand the necessary controls and countermeasures to enable the enterprise to operate securely.

What you'll be doing

What will your essential responsibilities include?

• Manage application and security assessments allocated by Cyber Assurance Program managers from start to end of the penetration Testing lifecycle. Testing should occur on time and output findings/reports should be communicated to internal stakeholders after review.
• Work with Cyber Assurance Program managers and Internal AXAXL stakeholders to strategically plan testing windows on suitable dates. Assisting testers with Scoping Calls, ensuring prerequisites are in place in advance of test dates.Troubleshooting procedural /technical challenges and any blockers faced by testers. Ensure smooth delivery and completion of penetration tests.
• Providing regular updates to Cyber Assurance Program Managers on status of tests you have been allocated to support.
• Perform Technical Vulnerability and Web Application scans and provide output to security testers/application owners where required.
• Conduct quality assurance on vendor supplied reports for Cyber Assurance Program Managers at end of testing before these are passed to internal stakeholders.
• Provide technical input in Post Test review calls to review reports after each test, ensure vulnerabilities are explained to Business / Application Owners along with remediation guidance and timelines.
• Participate in supporting wider Cyber Assurance team activities such as Cyber Essentials/DORA and Security Architecture reviews, provide security input to Cyber Assurance Program Managers.
• Contribute to producing Metrics and updating internal trackers to track status of tests and engagements for review by Cyber Assurance Program Managers. Ability to present metrics and reporting to Information Security leadership team.
• Version/Maintenance/Release monitoring of various discovery tools.
• Contribute to tracking and maintenance of Software licenses used by security tooling within the team and feed back status to Cyber Assurance Program Managers.
• You will report to Head of eDiscovery and Cyber Assurance.

What you'll bring

We're looking for someone who has these abilities and skills:

Required Skills And Abilities

• Established Penetration Testing experience and / or
• Information Security Project Management experience
• Proven experience Penetration Testing, cybersecurity, or related fields.
• Understanding of Penetration Testing process and lifecycle, OWASP Application vulnerabilities and IT systems.
• Knowledge of Cybersecurity frameworks (e.g., NIST, ISO and compliance regulations (e.g., DORA, GDPR, Cyber Essentials).
• Familiarity with Security tooling and vulnerability Scanning e.g. Qualys, Nessus, Burpsuite
• Digital Forensics or Discovery experience
• Basic understanding of eMail infrastructure / Outlook / Office365 and Microsoft Application
• Basic understanding of virtual environments
• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field, Master's degree or relevant certifications (e.g., PMP, Prince, CISSP, OSCP) is a plus
• Be able to work in a pressurised situation and set priorities accordingly.
• Ability to work in a fast paced, high pressure work environment.
• Excellent technical writing skills and oral presentation skills
• Maintain a high level of ethics, morals, confidentiality and integrity.
• Propose process changes and improvements for consideration.
• Continuously learn and implement new technologies and methods in digital forensics and forensic countermeasures.
• Ability to build effective relationships with key stakeholders across the organisation.
• Ability to think logically to analyse, troubleshoot and resolve complex issues.
• Must be professional, courteous and enjoy working with people; critical thinking, creativity, and effective judgement are expected.
• Established interpersonal skills and the ability to work within a team.
• Established English proficiency

What we offer

Inclusion
AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and enables business growth and is critical to our success. That's why we have made a strategic commitment to attract, develop, advance and retain the most inclusive workforce possible, and create a culture where everyone can bring their full selves to work and reach their highest potential.
It's about helping one another — and our business — to move forward and succeed.

• Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe.
• Robust support for Flexible Working Arrangements
• Enhanced family-friendly leave benefits
• Named to the Diversity Best Practices Index
• Signatory to the UK Women in Finance Charter

Learn more at AXA XL is an Equal Opportunity Employer.

Total Rewards
AXA XL's Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security. It provides competitive compensation and personalized, inclusive benefits that evolve as you do.

We're committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence.

Sustainability
At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our Sustainability strategy, called "Roots of resilience", focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations.

Our Pillars

• Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future. We're committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans.
• Addressing climate change: The effects of a changing climate are far-reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions.
• Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We're training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting.
• AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL's "Hearts in Action" programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving.

For more information, please see

Who we are

AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don't just provide re/insurance, we reinvent it.

How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty.

With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.

Learn more