Position:
The Cloud Security Engineer is responsible for:
• Act as a local Cloud Broker reference for operational security activities of the Public Cloud platforms
• Know, understand and secure the Public Cloud environment and the related context
• Review Security related changes on Public Cloud platform components
• Liaise with Security representative between Cloud Brokers, Products/Applicative owners and Group Operation Security
• Implement and control security analysis for Platform upgrades, Changes, Compliance requirements
• Implement and control Cloud Platforms Continuous Security Assurance Plan
• Integrate Security By Design prerequisites into CI/CD and Infra As a Code Provisioning
• Suggest effective security controls to be implemented for Cloud Platforms and Services
• Coordinate with Cloud product teams to consolidate cloud security reports.
• Interact with Entities Teams Representative to ensure the effective compliance and remediation of security issues (Vulnerabilities and non-compliance to AXA standards)
The activities under the scope are:
Local Governance :
• CB Security Mandates : definition, review, upgrades and evolutions
• CB Security Governance review on the security activities with GO Security, Market CB, Group Information Security etc
• CB Security Operating Model : definition with all Security teams within AXA (Group Security, Group Operation Security, Risk Teams, Operational Resilience etc)
• CB Security service catalog : define a service offer around security activities to be provided as a service to Market CB and by cascade to the entities
• CB Security processes : Define, implement and update security related processes over organizational and operational activities
• CB Security Change management : Organize the security changes between multiple teams including technical and business operations
• Organize, inform, support and report on Security projects
• Provide assistance and expertise for Secure Cloud Enablement within AXA Public Cloud (Service validation, Service Integration, Obsolescence, End of support, new Services, Versions upgrades/deprecations …)
• CB Security advisory and assistance
• CB Security onboardings
• Knowledge Management
Security Projects cross Market :
• Provide security expertise on the projects for secure enablement
• Organize security forums for information and reporting
• Implement and/or follow implementation of security projects
Local FinOps initiatives :
• Manage and implement FinOps initiatives identified by other stakeholders
• Define new FinOps cost optimizations using Cloud advisories
• Make security posture evolve with FinOps considerations
Security Mandatory Compliance:
• Participate in security control evaluations
• Assess and evaluate new security controls and specific use cases
• Validate security controls implementations, reporting mechanisms
• Remediate and/or provide assistance for non-compliance remediations
Security Internal Audits :
• Organize security audits in project mode
• Define remediation procedures and/or participate in defining remediation procedures with owner teams (GO Security, PUIAM Teams, CyberArk Teams, etc.)
• Implement remediations, report on non-compliance, manage security exceptions
Recertification :
• Participate in evaluating the recertification frameworks, planning and roadmaps
• Review and validate remediation procedures
• Provide Market assistance
• Report
Service Enablement :
• Participate in the security of services (through the Cloud Service Board and Risk in project initiatives)
• Identify, organize and implement security prerequisites for service consumptions
• Define and implement CB Security oversight in coordination with GO Security through Dedicated TOR (Terms of Reference) : see monthly CB governance meeting
Security Incidents :
• Manage cross Market security incidents, provide assistance and act as a SPOC for Markets