Tech Lead Vulnerability Management

Position main activities

As Technical lead, you will

• Develop and adapt products vision and roadmap in collaboration with the product manager and by discussing with customer / end-users
• Contribute to the product backlog delivery, such as new feature and improvement, its delivery and its quality
• Manage and optimize on a day‑to‑day basis AXA global vulnerability management platform
• Lead major product and platform evolutions to support Security Operation Center (SOC) and Vulnerability Operation Center (VOC)
• Lead proof‑of‑concept and represent AXA as a leading business partner with third parties/vendor
• Help evaluate business value and benefits of technical features
• Determine whether a technical backlog item was satisfactorily delivered
• Contribute to the day‑to‑day LOA (run) activities, leading by example
• Ensure a high level of Quality‑of‑Service (QoS) for AXA internal customers
• Be a leader for the team and for AXA in terms of expertise on the product technology and IS security process, aka Vulnerability management
• Ensure transparency into the upcoming work of the team
• Involve all relevant stakeholders (architecture, entities, security, data privacy etc.) to ensure technical feasibility
• Coordinate internal resources and third parties/vendors for the flawless execution of projects
• Raise alert and identify solution to ensure on‑time delivery
• Evangelize within and outside AXA about the solutions you develop and market them accordingly
• Regular reporting of progress, risks, and issues towards the product manager and other stakeholders
• Participate to Product governance and meetup

Experience

• Hands‑on experience with vulnerability management tools (e.g. Kenna, Tenable, Qualys, Vulcan, Hackuity etc.)
• Experience in implementing hardening controls based on Security Industry Standards, such as CIS Benchmarks
• Experience in Private and Public Cloud Security
• Understanding of workload protection, including servers, workstations, containers
• Experience using an ITSM tool such as ServiceNow
• Strong fundamentals in networking protocols and troubleshooting
• Knowledge of hacking techniques, cyber threats and security trends

Education

• Post‑graduate degree in IT or a closely related subject to IS Security

Certification

• A certification in relation with Vulnerability Management is highly desired
• ISC² CISSP (Certified Information Systems Security Professional) or CCSP (Certified Cloud Security Professional)

Overall work experience in the fields

• Experience in Security > 3 years (required)
• Experience in Security product day‑to‑day management (required)

Skills

• Work on maturing vulnerability management & compliance program services and processes
• Develop and improve KPIs, metrics, and trend analysis for vulnerability management features
• Take part in the implementation and operational best practices while taking ownership of tasks and/or project workstreams
• PowerShell and Python scripting skills
• Analytical thinking, time management and coordination skills

Language

• Fluent in English is a necessity (including technical Information security English)