Security Service Manager

**Security Service Manager** **(**22000271**)**
**PRIMARY LOCATION**: SPAIN-CATALONIA-BARCELONA
**ORGANIZATION**: AXA Partners - AP Global Operations
**CONTRACT TYPE**: Regular
**SHIFT**: Day Job

SCHEDULE**: Full-time

**DESCRIPTION**
***

Global Security Centre deliver security assessments globally for all Axa Partners entities. Central team is managing all security testing services and follow up execution and delivery. Security Assessment Service Manager will monitor all of this tasks and will organize all resources needed in order to deliver all requests received from our clients.

**KEY RESPONSIBILITIES**
- Manage and lead Security Assessment department, covering all security testing activities inside AXA Partners Organization.
- Define Application Security strategy over AXA Partners entities.
- Develop services performed by the Security Assessment Team with a client-oriented mind set.
- Relationship over all the stakeholders, customers, partners and vendors in AXA Partners in order to manage escalations/bottle necks, etc.
- Vulnerability management over critical and high findings.
- Manage penetration testing campaign execution across all the AXA Partners' owned organizations.
- Ensure the penetration testing quality and align with the AXA GROUP Strategy.
- Manage, grow and organize the whole Security Assessment and Penetration Testing Team related activities.
- Advise AXA organizations in vulnerability discovery and remediation strategies.
- Security Engineering Communicator. Cover the communication's gap between IT and Security Teams as well as with Business Managers.
- Able to translate complex technical information into a form understood and embraced by others and satisfactorily address complex customer and regulator queries and concerns.
- Drive and maintain continuous improve optimization of Security Services delivered by Security Engineering Department based on strong technical knowledge of secure engineering principles.
- Provide quality security testing and ensuring continuous improvement in security team practices.
- Experience demonstrated acting as a security specialist on security requirements in projects.
- Good knowledge on the OWASP ASVS framework.
- Experience managing more than 300 penetration tests a year.
- Experience managing teams larger than 15 people.
- Knowledge of penetration testing tools: BURP, Qualys, Nessus, Acunetix, ZAP, Kali, Parrot, Metasploit, etc.
- Knowledge on Web and API security testing paradigms.
- Excellent knowledge on DAST, SAST and Penetration Testing activities and related frameworks.
- Solid knowledge on the Software Development Life Cycle (SDLC).

**QUALIFICATIONS**

SKILLS AND EXPERIENCE

**Technical/ Functional Knowledge, Skills and Abilities**
- Solid knowledge on the Software Development Life Cycle (SDLC).
- Vulnerability management over critical and high findings.
- Manage, grow and organize the whole Security Assessment and Penetration Testing Team related activities.
- Advise AXA organizations in vulnerability discovery and remediation strategies.
- Able to translate complex technical information into a form understood and embraced by others and satisfactorily address complex customer and regulator queries and concerns.
- Drive and maintain continuous improve optimization of Security Services delivered by Security Engineering Department based on strong technical knowledge of secure engineering principles.
- Good knowledge on the OWASP ASVS framework.
- Knowledge of penetration testing tools: BURP, Qualys, Nessus, Acunetix, ZAP, Kali, Parrot, Metasploit, etc.
- Knowledge on Web and API security testing paradigms.
- Excellent knowledge on DAST, SAST and Penetration Testing activities and related frameworks.

**Education, Professional Qualifications and Experience**
- Manage and lead Security Assessment department, covering all security testing activities inside AXA Partners Organization.
- Define Application Security strategy over AXA Partners entities.
- Develop services performed by the Security Assessment Team with a client-oriented mind set.
- Relationship over all the stakeholders, customers, partners and vendors in AXA Partners in order to manage escalations/bottle necks, etc.
- Manage penetration testing campaign execution across all the AXA Partners' owned organizations.
- Ensure the penetration testing quality and align with the AXA GROUP Strategy.
- Security Engineering Communicator. Cover the communication's gap between IT and Security Teams as well as with Business Managers.
- Provide quality security testing and ensuring continuous improvement in security team practices.
- Experience demonstrated acting as a security specialist on security requirements in projects.
- Experience managing more than 300 penetration tests a year.
- Experience managing teams larger than 15 people.

**ABOUT AXA**

AXA Group is the world leader in insurance and asset management. We protect and advise our clients at every step in their lives, by offering produc