Cybersecurity Vulnerability Scanning Engineer(220008E3) PRIMARY LOCATION: MOROCCO-RABAT - SALE - KENITRA ORGANIZATION: Group Operations CONTRACT TYPE: Regular
SCHEDULE : Full-time
DESCRIPTION
BUSINESS UNIT STATEMENT To support our business strategy and digital transformation, AXA is setting up a new information security practice to ensure a coordinated response to the increasing threat of cybersecurity, enabling consistent decision-making across the organization. Our vision of information security is to protect our stakeholders by securing our information resources, managing our cyber risks and enabling effective and efficient business strategies that are fully sponsored by executives and supported by all AXA employees. MISSION The main mission of the Cybersecurity Vulnerability Scanning Engineer is to check and analyze the different system servers if they contain any clear text passwords (in folders, text files, application files...) by running Script “CredzScanner”, generate Reports illustrating the analysis result and analyses patterns in the result files for bulk-remediation. Share Reports with Servers Owners and offer it the necessary support to fix this critical vulnerability. Propose other methods to save and manage passwords (e.g. Keepass, Passbolt, Keeper, HyperVault, CyberArk...etc) and collaborate with stakeholders to elaborate a monitoring process to maintain the safety of system servers. Have the ability to upgrade and improve the Script in order to adapt it with the new needs. Main responsabilities Security Management:
Analyze all system servers at AXA (SE/NE/ME/AP Datacenter’s)
Perform the password hunting using CredzScanner in BAU-mode (initially the tool is run once per month in every data center)
Perform spot-checks on clear-text passwords in systems not covered by CredzScanner (e.g. in Confluence)
Pilot and implement actions from the audit project
Analyse patterns in the result files for bulk-remediation
Identifying issues owners per finding
Create SILVA tickets and assign these to issues owners
Following up with on issues not resolved within agreed timeframe
Update/Modify/Improve Scripts to cover all needs
Reporting Service:
Provide a monthly analysis of " clear text password " rate in the different country/Datacenter
Produce a management dashboard demonstrating remediation progress
QUALIFICATIONS
Education
Master in Networks and Security.
Certification
An information Security Certification is highly desired (CCNA R&S, CCNA Security, NSE4, PCCSA, MCSA, CEHv9/v10…or/and equivalent)
Overall work experience in the field:
Global technical vision of the main security tools / environments:
PKI, SIEM, SOC, authentication, IPSEC, AD security, operating system security, Windows account security
Experience managing data security programs like Password Vaulting, Privileged Access Management (Cyber Ark), Data Loss Prevention
Experience with Identity Management concepts and processes including authorization, authentication, segregation of duties
Knowledge of best practices around data security
Experience using an ITSM tool such as ServiceNow
Strong fundamentals in networking protocols and troubleshooting
At least 2 years’ experience in the cybersecurity industry
SKILLS & ABILITIES
Proven ability to work independently with minimal supervision; must be a self-motivated self-starter that can initiate ideas and take ownership of work
Ability to learn new technologies quickly and with minimal guidance
Capable of following and composing process and procedure documentation, training users in complex topics, and interacting positively with upper management
Critical thinking skills and the ability to solve problems as they arise
PowerShell scripting skills
Advanced knowledge in Python
Basic coding skills, such as HTML, CSS and other languages
Fluent English. (very important)
ABOUT AXA
As a world-leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working with 105 million customers, we’ve created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we’re nurturing a culture of respect, for each other, for our customers and the communities around us. Join AXA and you’ll feel like you belong, are included and can thrive. You’ll be able to shape the way you work and truly grow your potential as you seek out new opportunities, push boundaries and benefit people in critical moments of their lives. This is your chance to build the tomorrow you want. Know you can.
AXA is becoming a sustainable tech-led company and at AXA Group Operations we are one of the major catalysts for this transformation.
We set the tone by triggering and empowering the evolution of our insurance business model through technology and innovation, driving its concrete implementation globally at speed, with a high quality of advisory and execution.
We are present across 17 countries with committed, highly qualified teams. We leverage technology, data, sourcing, security and investment allocation in a global way, but also achieve economies of scale and synergies when necessary.
At AXA Group Operations, we want to be recognized in three fields of action:
State-of-the-art Data Technology to drive customer experience
State-of-the-art Procurement & Sourcing to drive efficiency and better manage risks
High-Performing Global Team for stronger partnerships with AXA entities
WHAT WE OFFER
We bring together the expertise, cultural diversity and creativity of over 8,000 employees worldwide and we’re committed to equal opportunities in all aspects of employment (gender, LGBT+, disabled persons, or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued.
Beware of fraud agents! do not pay money to get a job
MNCJobsGulf.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.