Red Team Analyst

About AXA As a world‑leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working for 105 million customers, we’ve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we’re nurturing a culture of respect, for each other, for our customers and the communities around us.

Job Position Pitch

To support our business strategy and digital transformation, AXA is building a new Group Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organization and establish sustainable security capabilities that are integrated with the business. Our vision for Information Security is to protect our stakeholders by securing our information assets, managing our cyber risk and enabling business strategies in an efficient and effective way.

Where will you be in the organization?

You will join the Group Security division, defining the security standards to be applied by AXA entities, overseeing the overall security posture across the Group and providing centralized services to support entities such as Crisis Management and Security Operations Centre.

Our Main Missions

• Monitor the Security Threat Landscape
• Define and oversee Security Standards and Strategy implementation across the Group
• Drive local security objectives with C‑Level executives of AXA entities
• Ensure the security of Group Operations as an entity
• Provide centralized security services and products to AXA entities

About the Job

• Red Team Operations: Plan, coordinate, and execute red team operations to simulate advanced cyber threats targeting our organization’s assets, infrastructure, and personnel.
• Adversary Emulation: Mimic the tactics, techniques, and procedures (TTPs) of sophisticated threat actors to identify weaknesses in our security defenses and response capabilities.
• Penetration Testing: Conduct comprehensive penetration tests to assess the effectiveness of security controls, including network, application, and physical security measures.
• Vulnerability Research: Identify and exploit vulnerabilities in systems, applications, and devices to demonstrate potential attack vectors and provide actionable recommendations for mitigation.
• Tool Development: Develop and customize tools, scripts, and exploits to support red team operations and enhance the efficiency and effectiveness of simulated attacks.
• Reporting and Documentation: Document findings, including identified vulnerabilities, successful attack paths, and recommendations for remediation in clear and concise reports for stakeholders.
• Collaboration and Training: Collaborate with cross‑functional teams, including blue teams, incident responders, and security operations centres (SOCs), to improve detection and response capabilities, and provide training and mentorship to junior team members.
• Continuous Learning: Stay up‑to‑date with the latest cybersecurity threats, attack techniques, and defensive strategies. Participate in training, conferences, and research activities to enhance skills and knowledge.

Expected Skills & Experience

Experience

• Experience in assurance testing / red team / penetration testing activities – 3+ years
• Experience with project management and coordination – up to 3 years
• Experience with specific Information Security Controls and Vulnerability Databases – 3+ years
• Experience in network and/or firewall engineering, administration, design and implementation – up to 3 years
• Experience with technologies, tools and process controls to minimize risk and data exposure – up to 3 years

Skills / Abilities

• Ability to function effectively in a matrix structure
• Good facilitation, negotiation and conflict resolution skills
• Good networking skills
• Team player
• Apply analytical rigor to understand complex business scenarios
• Fluent in English
• Ability to organize

What We Offer

We are committed to equal opportunities in all aspects of employment and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued.