Cloud Security Engineer AXA DCP

Cloud Security Engineer, AXA DCP

Location:

Barcelona – Spain

AXA’s Management Committee is driving a unique strategic initiative - Digital Commercial Platform (DCP) – designed to transform AXA’s value proposition. Through DCP, AXA will serve existing and new clients and partners through an evolving business model, where the focus is on risk prediction, prevention and management.

AXA DCP relies on creating a platform of AXA’s risk insights, risk management, and risk prevention capabilities to enhance and support our service offering to commercial clients and third parties. End users will be able to access a broad selection of data built on existing or developing AXA assets. The platform will also create value by monetizing unique capabilities and services for our customers, aggregating, and delivering insights from unique data sets with external partners, and fostering end-customer relationships in alignment with brokers.

AXA DCP aims to:

• Improve our underwriting pricing and claims capabilities across the commercial lines book of business of AXA Group
• Create a platform for risk management and prevention services
• Build an ecosystem of business partners

As Cloud Security Engineer, your main mission will be to ensure the security and integrity of our applications and infrastructure in the cloud. You will be responsible for implementing and supervising security architectures and controls throughout the software development lifecycle, collaborating closely with development and operations teams to enforce security standards.

• Act as a trusted advisor for solution architects and development teams providing approval and guidance on secure practices and patterns
• Conduct security assessments and audits, identifying potential risks in software and cloud blueprints and proposing improvements
• Design, maintain and integrate security into the CI/CD pipeline, automating security checks and testing processes following the principle “Shift Left”
• Establish and monitor KPIs and KRIs related to infrastructure and application security in an AWS context.
• Engage with stakeholders (especially Technology office, Product Office and data management team) to facilitate and manage resolution, with tracking of work to report on progress
• Utilize a variety of Dev Sec Ops  tools (Qualys WAS, Check Marks SCA for SAS & DAST, Checkov) and cloud services (AWS Inspector, Guard Duty, Cloud Trail, IAM, Config, Security Hub, WAS Manager) to identify, assess, prioritize and manage security vulnerabilities across the organization’s applications, systems and networks to automate and standardize configurations
• Foster effective partnerships with other teams (internal and external) to enhance the organization’s overall security posture and minimize potential threats and to identify threats, vulnerabilities, and control improvements
• Support the stakeholders to enable informed decision making
• Design, implement and improve secure coding related practices, processes and standards
• Collaborate with development and operations teams to implement security controls and best practices in the development and deployment processes
• Participate in development and continuous improvement of security processes, policies, standards and other governing documents and ensure compliance.
• Participate in and support delivery of security audits, threat modeling and assessments and remediation of findings
• Participate to AXA DCP Architecture Review Board and other governance bodies/meetings related to Security activity
• Perform in-depth analysis of application code and infrastructure, architecture, and configurations to ensure compliance with security standards
• Assist in the investigation and resolution of security incidents in Production and Non Production environments
• Define and implement Infrastructure as Code patterns and practices using Terraform in the context of AWS

You will report to the Chief Security Officer, AXA DCP.

We’re looking for someone who has these abilities and skills:

• Experience in IT security engineering, cloud security engineering or related…