Vulnerability Management Analyst
AXA GBS Morocco
A propos de l'entreprise
AXA Global Business Services Morocco is a subsidiary of AXA Group, one of the leading insurance brands in the world. We embody the essence of a diverse, global team, uniting talents from around the world to create a seamless, supportive network for all AXA entities. Our story is one of collaboration and growth, deeply rooted in our mission and vision, guiding every step we take.
Our Mission: Together with entities, we deliver advanced services and shape solutions that drive operational excellence.
In the heart of AXA, our role is multi-layered. From insurance operations to corporate functions, we leverage data, technology, and diverse capabilities to enhance our partners' performance in a streamlined, efficient manner.
Our Vision: Building on unique capabilities and expertise, our teams dare to open new doors for AXA.
We are not just about today; we are shaping tomorrow. Our vision is to continuously develop new skills and solutions, opening doors to fresh opportunities. This means committing to the highest service and quality levels, embracing continuous improvement, and fostering courage and boldness within our team.
For over 25 years, our operations have spanned across five delivery centres in India and Morocco, serving more than 35 AXA entities. Our 3,800+ strong workforce is the heartbeat of our organisation, moving forward in a culture of trust, empowerment, and care. Driven by our values, we are a cohesive global team, quick to adapt to market dynamics, united by the desire to excel.
Our Centres of Excellence (COEs) offer advanced services, shaping tailor-made solutions for our partners in the Tech, Security, Data, Insurance Ops and Corporate function Ops domain.
The AXAllence strategic plan for 2024-26 charts our future course, focusing on operational efficiency, employee retention and skill enhancement, and delivering unparalleled value to our partners. These pillars, supported by our vision and mission, are the foundation of our commitment to AXA.
In essence, while our heritage lies in delivering value in BPO services, our innovative spirit thrives in the IT domain, all in support of the overarching AXA Group strategy. At AXA Global Business Services, we are not just preparing for the future; we are actively creating it.
At AXA Global Business Services, the future is brimming with opportunities. Join us on this exciting journey! Together, we will continue to open new doors for AXA.
Vos missions
The main mission of the Security Engineer Vulnerability and threat Management is to perform scans and reports using the Qualys Guard tool.
You’ll be responsible of performing and scheduling compliance and vulnerability scans on AXA network activity and infrastructure and generating reports to different teams (such as server admins, network administrators in order to mitigate scanned vulnerabilities).
The role consists also of integrating and managing different assets in the Qualys Guard modules.
MISSIONS :
Security Management:
• Conduct vulnerability scanning and assessment functions related to various clients, environments, technologies, systems and appliances
• Coordinate effectively with representatives of different Business Units and technology specialists
• Integrate and manage assets in Qualys
• Effectively communicate security vulnerabilities and risks to issue owners and assist in remediation efforts
• Govern and enforce cybersecurity policies and vulnerability remediation deadlines
• Develop and maintain executive dashboards and/or regular reports to communicate department-specific cybersecurity risks and threats
Reporting Service:
• Provide a monthly/Weekly analysis of common vulnerabilities and compliance issues
• Produce a periodic dashboard demonstrating remediation progress and cases’ status
Profil recherché
Education :
• Minimum Bac+5 in Networks and Security.
Certification :
• An information Security Certification is highly desired (CCNA R&S, CCNA Security, NSE4, PCCSA, MCSA, CEHv9/v10…or/and equivalent) Work Ethics
Overall work experience in the field:
• Global technical vision of the main security tools / environments: (PKI, SIEM, SOC, authentication, IPSEC, AD security, operating system security, Windows account security)
• Experience managing data security programs like Password Vaulting, Privileged Access Management (Cyber Ark)
• Experience with Identity Management concepts and processes including authorization, authentication, segregation of duties
• Knowledge of best practices around data security
• Experience using an ITSM tool such as ServiceNow
• Strong fundamentals in networking protocols and troubleshooting
• Knowledge of hacking techniques, cyber threats and security trends
• At least 2 years’ experience in the cybersecurity industry