SOC INTEGRATION SPECIALIST
AXA Group
il y a 23 jours
Date de publicationil y a 23 jours
S/O
Niveau d'expérienceS/O
Temps pleinType de contrat
Temps pleinCentre d'appel / Service clientCatégorie d'emploi
Centre d'appel / Service clientDescription
Our mission at AXA is to empower people to live a better life. We have to move from a perceived payer of claims to a strong partner in life for our customers. Thus, our role as Group Operations must be to support and to empower all AXA teams in the best way to achieve together this meaningful aspiration.
The most powerful levers to achieve this can be summarized as Innovation and Execution, and will drive all Operations teams:
• Innovation: To create and provide the prerequisites and opportunities for all AXA teams to develop leading innovative solutions for the needs of our current and future customer
• Execution: To create an environment which allows our teams all over the world to bring their ideas to reality and make our strong promise to the customers happen
Our concrete goals are to:
• Reinforce and realize our value creation for the global AXA organization;
• Support and foster innovation across AXA in a close alignment and teaming with Group Business Innovation;
• Embed simplicity and empowerment in our day-to-day working as well as ensure that we contribute to AXA's mission and strategy.
CYBER DEFENSE
Under Group Security, the Cyber Defense department provides entities with first line of defense services to protect, detect and react to Cyber Threats and Attacks and deliver IT Security Products.
Within Cyber Defense, Security Operations Center (SOC) is designed to prevent, detect and react to cyber threats.
POSITION MAIN ACTIVITIES
Security Operations Center (SOC) delivers the following capabilities to the AXA entities around the globe: Security Monitoring and Detection, Security Incident Response and Threat Intelligence. The are 2 transversal services of the SOC allows increasing coverage and overall detection capability which are Log Onboarding Factory and Use Case Factory.
The Log Onboarding Factory provides a mechanism to ensure that AXA entities have the right log sources monitored by onboarding new assets in line with the log monitoring requirements (to cover critical assets) and updating the log monitoring scope following periodical assets inventory review.
As part of the log onboarding factory, SOC Onboarding & Integration Specialist will be in charge of the following activities:
• Onboarding logs following logs onboarding guidelines and proce
o Identifying prerequisites for log sources to be onboarded (technology, versions, etc.)
o Defining the connectors setup and ensuring the setup of all IP configuration
o Requesting and following up on the opening of the necessary firewall flow
o Providing guidance on configuring the source devices according to logging standard
o Validating that events from log sources are received and troubleshooting when necessary
o Communicating on the progress and blocking point
• Formalize and maintain documentation for log sources onboarding
o For new technology, gather relevant information from the configuration guides related to the log sources technology and from the contacts managing the platform
o Define based on the collected information with the Security Monitoring and Detection and Security Incident Response teams the relevant logs to be collected
o Document and maintain the logging standards, the connectors configuration and the mapping table
• Manage the delivery of entities onboarding demands and ad-hoc projects
o Drive end to end log onboarding demands/projects in coordination with entities, projects stakeholders, third party log onboarding team: understand the onboarding requirements, manage prioritisations and capacitie
o Ensure the delivery from the third party log onboarding team is in line with the onboarding requirements including relevant documentation
o Participate in demand requests and projects as a subject matter expert contributing to proposal and scoping, solution design
o Onboarding logs following logs onboarding guidelines and proce
• Liaise with the SIEM Platform Management team to ensure continuous integration within AXA environment
o Enable the information exchange and communication flow among the teams that implement SIEM Platform configuration change
o Perform tracking and documentation of all the change activity (i.e. on-boarding, connector configuration adjustment, etc.)
o Perform regular coordination to exchange information on the planned onboarding, identified issues, etc.
Scope: All AXA entitie
Team structure: Security Operations Center comprises of Security Monitoring and Detection, Security Incident Response & Forensics and Configuration & Development teams.
Stakeholders:
• Internal actors: Group IT and Cyber Defense teams, Group Security, Entities, Group Procurement, GO Markets, GO Partnership Office, Security Operations Center operational team
• External actors: third party log onboarding team, vendors, professional bodies, industry peer
DIMENSION
£ Local £ Regional ¢ International
PROFILE, SKILLS & COMPETENCIES
Experience
• Experience in Information Security > 5 year
• Experience in IT > 5 year
Education
o A Degree in Computing, IT or Engineering
Skills
• Experience with SIEM technologies and log onboarding
• Good knowledge of Linux and Windows environment
• Willingness to learn and understand new technologie
• Ability to function effectively in a matrix structure
• Team player
• Professional and positive approach
• A can-do attitude and willingness to go the extra mile when required
• Cross cultural sensitivity, flexibility
• Fluent in English
Qualifications
Our mission at AXA is to empower people to live a better life. We have to move from a perceived payer of claims to a strong partner in life for our customers. Thus, our role as Group Operations must be to support and to empower all AXA teams in the best way to achieve together this meaningful aspiration.
The most powerful levers to achieve this can be summarized as Innovation and Execution, and will drive all Operations teams:
• Innovation: To create and provide the prerequisites and opportunities for all AXA teams to develop leading innovative solutions for the needs of our current and future customer
• Execution: To create an environment which allows our teams all over the world to bring their ideas to reality and make our strong promise to the customers happen
Our concrete goals are to:
• Reinforce and realize our value creation for the global AXA organization;
• Support and foster innovation across AXA in a close alignment and teaming with Group Business Innovation;
• Embed simplicity and empowerment in our day-to-day working as well as ensure that we contribute to AXA's mission and strategy.
CYBER DEFENSE
Under Group Security, the Cyber Defense department provides entities with first line of defense services to protect, detect and react to Cyber Threats and Attacks and deliver IT Security Products.
Within Cyber Defense, Security Operations Center (SOC) is designed to prevent, detect and react to cyber threats.
POSITION MAIN ACTIVITIES
Security Operations Center (SOC) delivers the following capabilities to the AXA entities around the globe: Security Monitoring and Detection, Security Incident Response and Threat Intelligence. The are 2 transversal services of the SOC allows increasing coverage and overall detection capability which are Log Onboarding Factory and Use Case Factory.
The Log Onboarding Factory provides a mechanism to ensure that AXA entities have the right log sources monitored by onboarding new assets in line with the log monitoring requirements (to cover critical assets) and updating the log monitoring scope following periodical assets inventory review.
As part of the log onboarding factory, SOC Onboarding & Integration Specialist will be in charge of the following activities:
• Onboarding logs following logs onboarding guidelines and proce
o Identifying prerequisites for log sources to be onboarded (technology, versions, etc.)
o Defining the connectors setup and ensuring the setup of all IP configuration
o Requesting and following up on the opening of the necessary firewall flow
o Providing guidance on configuring the source devices according to logging standard
o Validating that events from log sources are received and troubleshooting when necessary
o Communicating on the progress and blocking point
• Formalize and maintain documentation for log sources onboarding
o For new technology, gather relevant information from the configuration guides related to the log sources technology and from the contacts managing the platform
o Define based on the collected information with the Security Monitoring and Detection and Security Incident Response teams the relevant logs to be collected
o Document and maintain the logging standards, the connectors configuration and the mapping table
• Manage the delivery of entities onboarding demands and ad-hoc projects
o Drive end to end log onboarding demands/projects in coordination with entities, projects stakeholders, third party log onboarding team: understand the onboarding requirements, manage prioritisations and capacitie
o Ensure the delivery from the third party log onboarding team is in line with the onboarding requirements including relevant documentation
o Participate in demand requests and projects as a subject matter expert contributing to proposal and scoping, solution design
o Onboarding logs following logs onboarding guidelines and proce
• Liaise with the SIEM Platform Management team to ensure continuous integration within AXA environment
o Enable the information exchange and communication flow among the teams that implement SIEM Platform configuration change
o Perform tracking and documentation of all the change activity (i.e. on-boarding, connector configuration adjustment, etc.)
o Perform regular coordination to exchange information on the planned onboarding, identified issues, etc.
Scope: All AXA entitie
Team structure: Security Operations Center comprises of Security Monitoring and Detection, Security Incident Response & Forensics and Configuration & Development teams.
Stakeholders:
• Internal actors: Group IT and Cyber Defense teams, Group Security, Entities, Group Procurement, GO Markets, GO Partnership Office, Security Operations Center operational team
• External actors: third party log onboarding team, vendors, professional bodies, industry peer
DIMENSION
£ Local £ Regional ¢ International
PROFILE, SKILLS & COMPETENCIES
Experience
• Experience in Information Security > 5 year
• Experience in IT > 5 year
Education
o A Degree in Computing, IT or Engineering
Skills
• Experience with SIEM technologies and log onboarding
• Good knowledge of Linux and Windows environment
• Willingness to learn and understand new technologie
• Ability to function effectively in a matrix structure
• Team player
• Professional and positive approach
• A can-do attitude and willingness to go the extra mile when required
• Cross cultural sensitivity, flexibility
• Fluent in English
About AXA
As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working with 105 million customers, we've created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we're nurturing a culture of
respect, for each other, for our customers and the communities around us. Join AXA and you'll feel like you belong, are included and can thrive. You'll be able to shape the way you work and truly grow your potential as you seek out new opportunities, push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.
AXA is becoming a sustainable tech-led company and at AXA Group Operations we are one of the major catalysts for this transformation.
We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation, driving its concrete implementation globally at speed, with a high quality of advisory and execution.
We are present across 17 countries with committed, highly qualified teams. We leverage technology, data, sourcing, security and investment allocation in a global way, but also achieve economies of scale and synergies when necessary.
At AXA Group Operations, we want to be recognized in three fields of action:
Our mission at AXA is to empower people to live a better life. We have to move from a perceived payer of claims to a strong partner in life for our customers. Thus, our role as Group Operations must be to support and to empower all AXA teams in the best way to achieve together this meaningful aspiration.
The most powerful levers to achieve this can be summarized as Innovation and Execution, and will drive all Operations teams:
• Innovation: To create and provide the prerequisites and opportunities for all AXA teams to develop leading innovative solutions for the needs of our current and future customer
• Execution: To create an environment which allows our teams all over the world to bring their ideas to reality and make our strong promise to the customers happen
Our concrete goals are to:
• Reinforce and realize our value creation for the global AXA organization;
• Support and foster innovation across AXA in a close alignment and teaming with Group Business Innovation;
• Embed simplicity and empowerment in our day-to-day working as well as ensure that we contribute to AXA's mission and strategy.
CYBER DEFENSE
Under Group Security, the Cyber Defense department provides entities with first line of defense services to protect, detect and react to Cyber Threats and Attacks and deliver IT Security Products.
Within Cyber Defense, Security Operations Center (SOC) is designed to prevent, detect and react to cyber threats.
POSITION MAIN ACTIVITIES
Security Operations Center (SOC) delivers the following capabilities to the AXA entities around the globe: Security Monitoring and Detection, Security Incident Response and Threat Intelligence. The are 2 transversal services of the SOC allows increasing coverage and overall detection capability which are Log Onboarding Factory and Use Case Factory.
The Log Onboarding Factory provides a mechanism to ensure that AXA entities have the right log sources monitored by onboarding new assets in line with the log monitoring requirements (to cover critical assets) and updating the log monitoring scope following periodical assets inventory review.
As part of the log onboarding factory, SOC Onboarding & Integration Specialist will be in charge of the following activities:
• Onboarding logs following logs onboarding guidelines and proce
o Identifying prerequisites for log sources to be onboarded (technology, versions, etc.)
o Defining the connectors setup and ensuring the setup of all IP configuration
o Requesting and following up on the opening of the necessary firewall flow
o Providing guidance on configuring the source devices according to logging standard
o Validating that events from log sources are received and troubleshooting when necessary
o Communicating on the progress and blocking point
• Formalize and maintain documentation for log sources onboarding
o For new technology, gather relevant information from the configuration guides related to the log sources technology and from the contacts managing the platform
o Define based on the collected information with the Security Monitoring and Detection and Security Incident Response teams the relevant logs to be collected
o Document and maintain the logging standards, the connectors configuration and the mapping table
• Manage the delivery of entities onboarding demands and ad-hoc projects
o Drive end to end log onboarding demands/projects in coordination with entities, projects stakeholders, third party log onboarding team: understand the onboarding requirements, manage prioritisations and capacitie
o Ensure the delivery from the third party log onboarding team is in line with the onboarding requirements including relevant documentation
o Participate in demand requests and projects as a subject matter expert contributing to proposal and scoping, solution design
o Onboarding logs following logs onboarding guidelines and proce
• Liaise with the SIEM Platform Management team to ensure continuous integration within AXA environment
o Enable the information exchange and communication flow among the teams that implement SIEM Platform configuration change
o Perform tracking and documentation of all the change activity (i.e. on-boarding, connector configuration adjustment, etc.)
o Perform regular coordination to exchange information on the planned onboarding, identified issues, etc.
Scope: All AXA entitie
Team structure: Security Operations Center comprises of Security Monitoring and Detection, Security Incident Response & Forensics and Configuration & Development teams.
Stakeholders:
• Internal actors: Group IT and Cyber Defense teams, Group Security, Entities, Group Procurement, GO Markets, GO Partnership Office, Security Operations Center operational team
• External actors: third party log onboarding team, vendors, professional bodies, industry peer
DIMENSION
£ Local £ Regional ¢ International
PROFILE, SKILLS & COMPETENCIES
Experience
• Experience in Information Security > 5 year
• Experience in IT > 5 year
Education
o A Degree in Computing, IT or Engineering
Skills
• Experience with SIEM technologies and log onboarding
• Good knowledge of Linux and Windows environment
• Willingness to learn and understand new technologie
• Ability to function effectively in a matrix structure
• Team player
• Professional and positive approach
• A can-do attitude and willingness to go the extra mile when required
• Cross cultural sensitivity, flexibility
• Fluent in English
Qualifications
Our mission at AXA is to empower people to live a better life. We have to move from a perceived payer of claims to a strong partner in life for our customers. Thus, our role as Group Operations must be to support and to empower all AXA teams in the best way to achieve together this meaningful aspiration.
The most powerful levers to achieve this can be summarized as Innovation and Execution, and will drive all Operations teams:
• Innovation: To create and provide the prerequisites and opportunities for all AXA teams to develop leading innovative solutions for the needs of our current and future customer
• Execution: To create an environment which allows our teams all over the world to bring their ideas to reality and make our strong promise to the customers happen
Our concrete goals are to:
• Reinforce and realize our value creation for the global AXA organization;
• Support and foster innovation across AXA in a close alignment and teaming with Group Business Innovation;
• Embed simplicity and empowerment in our day-to-day working as well as ensure that we contribute to AXA's mission and strategy.
CYBER DEFENSE
Under Group Security, the Cyber Defense department provides entities with first line of defense services to protect, detect and react to Cyber Threats and Attacks and deliver IT Security Products.
Within Cyber Defense, Security Operations Center (SOC) is designed to prevent, detect and react to cyber threats.
POSITION MAIN ACTIVITIES
Security Operations Center (SOC) delivers the following capabilities to the AXA entities around the globe: Security Monitoring and Detection, Security Incident Response and Threat Intelligence. The are 2 transversal services of the SOC allows increasing coverage and overall detection capability which are Log Onboarding Factory and Use Case Factory.
The Log Onboarding Factory provides a mechanism to ensure that AXA entities have the right log sources monitored by onboarding new assets in line with the log monitoring requirements (to cover critical assets) and updating the log monitoring scope following periodical assets inventory review.
As part of the log onboarding factory, SOC Onboarding & Integration Specialist will be in charge of the following activities:
• Onboarding logs following logs onboarding guidelines and proce
o Identifying prerequisites for log sources to be onboarded (technology, versions, etc.)
o Defining the connectors setup and ensuring the setup of all IP configuration
o Requesting and following up on the opening of the necessary firewall flow
o Providing guidance on configuring the source devices according to logging standard
o Validating that events from log sources are received and troubleshooting when necessary
o Communicating on the progress and blocking point
• Formalize and maintain documentation for log sources onboarding
o For new technology, gather relevant information from the configuration guides related to the log sources technology and from the contacts managing the platform
o Define based on the collected information with the Security Monitoring and Detection and Security Incident Response teams the relevant logs to be collected
o Document and maintain the logging standards, the connectors configuration and the mapping table
• Manage the delivery of entities onboarding demands and ad-hoc projects
o Drive end to end log onboarding demands/projects in coordination with entities, projects stakeholders, third party log onboarding team: understand the onboarding requirements, manage prioritisations and capacitie
o Ensure the delivery from the third party log onboarding team is in line with the onboarding requirements including relevant documentation
o Participate in demand requests and projects as a subject matter expert contributing to proposal and scoping, solution design
o Onboarding logs following logs onboarding guidelines and proce
• Liaise with the SIEM Platform Management team to ensure continuous integration within AXA environment
o Enable the information exchange and communication flow among the teams that implement SIEM Platform configuration change
o Perform tracking and documentation of all the change activity (i.e. on-boarding, connector configuration adjustment, etc.)
o Perform regular coordination to exchange information on the planned onboarding, identified issues, etc.
Scope: All AXA entitie
Team structure: Security Operations Center comprises of Security Monitoring and Detection, Security Incident Response & Forensics and Configuration & Development teams.
Stakeholders:
• Internal actors: Group IT and Cyber Defense teams, Group Security, Entities, Group Procurement, GO Markets, GO Partnership Office, Security Operations Center operational team
• External actors: third party log onboarding team, vendors, professional bodies, industry peer
DIMENSION
£ Local £ Regional ¢ International
PROFILE, SKILLS & COMPETENCIES
Experience
• Experience in Information Security > 5 year
• Experience in IT > 5 year
Education
o A Degree in Computing, IT or Engineering
Skills
• Experience with SIEM technologies and log onboarding
• Good knowledge of Linux and Windows environment
• Willingness to learn and understand new technologie
• Ability to function effectively in a matrix structure
• Team player
• Professional and positive approach
• A can-do attitude and willingness to go the extra mile when required
• Cross cultural sensitivity, flexibility
• Fluent in English
About AXA
As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working with 105 million customers, we've created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we're nurturing a culture of
respect, for each other, for our customers and the communities around us. Join AXA and you'll feel like you belong, are included and can thrive. You'll be able to shape the way you work and truly grow your potential as you seek out new opportunities, push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.
AXA is becoming a sustainable tech-led company and at AXA Group Operations we are one of the major catalysts for this transformation.
We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation, driving its concrete implementation globally at speed, with a high quality of advisory and execution.
We are present across 17 countries with committed, highly qualified teams. We leverage technology, data, sourcing, security and investment allocation in a global way, but also achieve economies of scale and synergies when necessary.
At AXA Group Operations, we want to be recognized in three fields of action:
- State-of-the-art Data Technology to drive customer experience
- State-of-the-art Procurement & Sourcing to drive efficiency and better manage risks
- High-Performing Global Team for stronger partnerships with AXA entities
RÉSUMÉ DE L' OFFRE
SOC INTEGRATION SPECIALISTAXA Group
Paris
il y a 23 jours
S/O
Temps plein