AXA Business Services - Consultant - Operational Resilience

Overview of the role

From Role perspective it will be a mix of having a good understanding of Application and Ransomware and also a good PMO (Co-ordinate with stakeholders)

Expected to work across Business Continuity, ITSCM, Incident Crisis Management - Would be good if the candidate is familiar with these domains

Would be good if the candidate is familiar with concepts like EDR, Offline Backup, validate DR Test Result , DR Evidences, in case of a failed DR what are the next steps or actions that one needs to take care if the set RTO is not reached during a DR Exercise

The candidate would not require a technical experience as SPOCs are there for 3 OpRes. pillars (Crisis Management, Business Continuity Management and ITSCM ) but would have to carry out part responsibilities in their absence

Excellent Communication Skills (Verbal and Written) as will interact with stakeholders across Europe

KEY RESPONSIBILITIES

- Responsible for transversal oversight and governance of the disciplines of Operational resilience - Business Continuity, IT Service Continuity, and Crisis & Incident management as per Group Security strategy and framework

- Oversee the Operational Resilience Controls Framework implementation within the countries and ensure the maturity targets are met

- Provide support to Chief Operational Resilience Officer (CORO) for transversal oversight across all 3 disciplines; support the CORO in the the crisis and incident management controls, global documentation, strategy, and implementation in countries.

- Collaborate with and support the Group Security Practice. Interactions with AXA Partners Head of Operational Resilience, Country OR community (BC Managers, IT Managers, Country managers), Regional Security Manager, Local Security officers, OR Managers and other stakeholders as necessary to ensure presence, quality and effectiveness of processes & controls.

- Serve as an advisor to the local countries in the implementation and maintenance of operational resilience processes and controls and provides support to Regional Security Managers in their Operational Resilience activities

- Ensure policies, shared security services and action plans are implemented based on the Group Security Strategy

- Identify and analyze risk, recommend appropriate mitigation options.

- Ensure the high quality and consistency of reporting and action plans produced by local entities

- Consolidate reporting and evidences provided by local entities and at regional level

- Perform Quality Assurance at central level to reinforce confidence in the maturity level raised by countries

- Assess the impact on the business environment and advice on appropriate mitigation actions or the prioritization of projects and investments within the entity.

- Escalate the need to redirect investment or change practices to mitigate critical risks and ensure legal, regulatory or commercial compliance

- Implement continuous improvement processes and activities (e.g. good practices, reporting, problem resolution, automation, templates formalization) to ensure quality and relevance of Operational Resilience services

- Promote a culture of information security and raise awareness

- Ensure development and maintenance of auditable processes to enforce consistency across the region

Technical/Functional Knowledge, Skills and Abilities

- Awareness regarding good business continuity, ITSCM, and Crisis / Incident management practices and standards (DRII, BCI materials, ISO 22301, 22316 etc)

- Awareness regarding relevant regulation is a plus, especially in DORA

- Experience in business continuity (BIA, RA, BCP)

- Experience in IT service continuity (RTO/ RTC/RPO/ RPC), crisis and incident management, security risk analysis, auditing, information security

- Experience in financial/insurance/assistance industry is a plus

- Experience preparing and reviewing business continuity, crisis management and IT service continuity plans is a strong plus

- Ability to work efficiently with data (report consolidation, correlation) and reporting tools (advanced Excel, Power BI, .)

- Fluent in English (additional languages - French, Spanish - are an asset)

- Excellent problem-solving skills.

- Ability to plan and execute on project plans.

- Ability to deliver work with minimum supervision and effectively operate in a dynamic global organization.

- Knowledge of risks and risk mitigation strategies.

- Strong interpersonal, oral, and written communication skills.

- Experience with ClearView, SendWordNow, and SharePoint is a plus.

Education, Professional Qualifications and Experience

- At least 3 year of operational resilience, business continuity, IT service continuity experience or auditing

- CBCP, CBCI or other relevant certifications would be a strong asset.

- Bachelor's in computer science, management information systems, information security or related field is preferred.