This is your opportunity to join AXIS Capital – a trusted global provider of specialty lines insurance and reinsurance. We stand apart for our outstanding client service, intelligent risk taking and superior risk-adjusted returns for our shareholders. We also proudly maintain an entrepreneurial, disciplined and ethical corporate culture. As a member of AXIS, you join a team that is among the best in the industry.
The Business Information Security Officer (BISO) function within Global Information Security is responsible for information security control enforcement, cybersecurity awareness, and enablement across all lines of business, enterprise functions, technology, and operations teams. The BISO will report into the CISO for AXIS Capital and will support the Global Information Security function program activities to ensure a comprehensive approach to management of information security risk in all facets of the enterprise.
DUTIES AND RESPONSIBILITIES:
Oversee and coordinate security efforts across AXIS Capital, including departments such as information technology, human resources, marketing, lending, member services, compliance, finance management and other groups, and identify and establish information security assurance initiatives and standards throughout the organization.
Assist in establishing and implementing effective security management and risk mitigation programs aligned with AXIS Capital’s risk management objectives.
Collaborate with information security and cybersecurity counterparts in providing functional leadership and expertise to manage the security program and ensure consistent, effective implementation of best practices, policy, and procedures.
Collaborate with business owners to review, improve, and execute security policies and procedures for AXIS Capital, in conjunction with respective risk partners.
Collaborate with the CIO’s organization to integrate efforts to address cyber threats and facilitate the integration of information security into a broader enterprise-wide security and risk mitigation program.
Partner with business management to determine acceptable information security risk levels for the enterprise, including development of key risk indicator and risk appetite metrics.
Responsible for AXIS Capital enterprise-wide information security risk assessment.
Perform information risk assessments for new business initiatives introducing new vendors, technologies, products, and services to the enterprise.
Other duties as assigned.
EDUCATION AND EXPERIENCE:
A minimum of 5 years of experience with information security program management, operations, audit, project management or related experience required in developing and operating an information security program:
Experience with financial services security programs.
Bachelor’s degree in related field from four-year college or university required.
Professional audit and/or project management experience is preferred.
Certifications such as CISSP (Certified Information Systems Security Professional), GIAC (Global Information Assurance Certification), and CISA (Certified Information Systems Auditor) are desirable, but not required.
Equivalent combination of education and experience may substitute for stated qualifications.